mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-16 08:58:56 +00:00
add warning about having a world-readable sessions.save_path
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@40013 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
jim winstead
parent
f53a59c0f0
commit
d119a57899
1 changed files with 8 additions and 0 deletions
|
|
@ -184,6 +184,14 @@ To continue, <A HREF="nextpage.php?<?=SID?>">click here</A>
|
|||
handler, this is the path where the files are created.
|
||||
Defaults to <literal>/tmp</literal>.
|
||||
</simpara>
|
||||
<warning>
|
||||
<para>
|
||||
If you leave this set to a world-readable directory, such as
|
||||
<filename>/tmp</filename> (the default), other users on the
|
||||
server may be able to hijack sessions by getting the list of
|
||||
files in that directory.
|
||||
</para>
|
||||
</warning>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<simpara>
|
||||
|
|
|
|||
Loading…
Reference in a new issue