[Koha-bugs] [Bug 6627] [security] insecure file creation
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Dec 21 14:01:24 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6627
M. de Rooy <m.de.rooy at rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |m.de.rooy at rijksmuseum.nl
--- Comment #2 from M. de Rooy <m.de.rooy at rijksmuseum.nl> 2011-12-21 13:01:24 UTC ---
(In reply to comment #1)
> Removed session logging, no useful information was being stored and was just a
> liability.
Thanks for your patch.
I agree that current situation could be unsafe, but I do not agree just
removing session log information under the flag of not useful information. It
could be useful to know who was logged in at at a certain time. Could you write
a follow up that gives me that information in a table? That table could be
cleaned up regularly in cleanup_database as has been done for more tables..
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list