• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
• Use
Item7848 for generic doc work for TWiki-6.1.1. Use Item7851 for doc work on extensions that are not part of a release. More... Close • Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
• Does this site look broken?. Use the LitterTray web for test cases.
Item4972: session files should only be created for web based sessions.
Item Form Data
| AppliesTo: | Component: | Priority: | CurrentState: | WaitingFor: | TargetRelease | ReleasedIn |
|---|---|---|---|---|---|---|
| Engine | Normal | Closed | minor |
Edit Form Data
Detail
Item4898 and the related debian cve show that we should avoid writing session files un-necessarily, as that leads to needing looser file and dir permissions than sensible, thus allowing a lookin for hackers.
-- TWiki:Main/SvenDowideit
- 15 Nov 2007
Session files are not written when the
- 15 Nov 2007
Session files are not written when the command_line context is set (which it should be automatically for all scripts invoked from the command-line via UI.pm). Scripts that do not go via UI.pm - such as rest - set command_line themselves. The only other scripts that I'm aware of that might have a problem are the tests, and most of the time we deliberately want the tests to use a query / session. Some other scripts, such as mailnotify, have been sloppily written and don't set command_line. So I have modified TWiki.pm to set command_line if no other initial context is given, and there is no query. I believe that should answer.
Checkins Rev:15712 Rev:15713 mistakenly attributed to 4982
CC
| ItemTemplate | |
|---|---|
| Summary | session files should only be created for web based sessions. |
| ReportedBy |
TWiki:Main.SvenDowideit
|
| Codebase | ~twiki4 |
| SVN Range | TWiki-4.3.0, Thu, 15 Nov 2007, build 15592 |
| AppliesTo | Engine |
| Component | |
| Priority | Normal |
| CurrentState | Closed |
| WaitingFor | |
| Checkins | Rev:15712 Rev:15713 |
| TargetRelease | minor |
| ReleasedIn | |
Topic revision: r3 - 2008-01-22 - KennethLavrsen
Site map
Bugs web
Create New Report
Index
Search
Detailed Items Query
Changes
100
Notifications
RSS Feed
Statistics
Preferences
Bugs 
Items by urgency
My Reports
Recently Closed
Extensions
By Status 
Waiting for Feedback
Confirmed
Being Worked On
Waiting for Release
No Action Required
Lima 
Fixes for Rel.Notes
Create Feature Request
Account 
Copyright © 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback