Bug#719982: php5: -maxdepth 1 in sessionclean assumes sessions are not sorted into subdirectories

Package: php5-common Followup-For: Bug #719982 Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action?

Bug#719982: [php-maint] Bug#719982: php5: -maxdepth 1 in sessionclean assumes sessions are not sorted into subdirectories

Control: tag -1 +wontfix Control: severity -1 wishlist Gergely, please read the bug the Thijs already mentioned - removing maxdepth has a security implications. If you modify the default settings you are responsible also to modify the other ends. The session cleaning is documented in Debian

Bug#719982: [php-maint] Bug#719982: php5: -maxdepth 1 in sessionclean assumes sessions are not sorted into subdirectories

On Sun, Aug 18, 2013 at 11:03 PM, Ondřej Surý ond...@sury.org wrote: Control: tag -1 +wontfix Control: severity -1 wishlist Gergely, please read the bug the Thijs already mentioned - removing maxdepth has a security implications. If you modify the default settings you are responsible also

Bug#719982: php5: -maxdepth 1 in sessionclean assumes sessions are not sorted into subdirectories

Package: php5 Version: 5.4.17-1~dotdeb.1 Severity: important Dear Maintainer, The find command in the sessionclean script that performs the session GC has a -maxdepth 1 parameter that keeps the command from traversing into subdirectories. However, the save_path option offers a possibility to