Hi,
the cookie, which squirrelmail uses to store the users (encrypted)
password, could be set with the 'secure flag' on. (and should be
set probably: http://pdos.lcs.mit.edu/cookies/pubs/webauth.html)
Maybe somebody has already built a patch for conf.pl to add a
possibility to set this? Looks like it works if one modifies
session_set_cookie_params() and setcookie() in src/redirect.php
Regards, Ralf
--
Ralf Utermann
_____________________________________________________________________
Universit�t Augsburg, Institut f�r Physik -- EDV-Betreuer
Universit�tsstr.1
D-86135 Augsburg Phone: +49-821-598-3231
SMTP: [EMAIL PROTECTED] Fax: -3411
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
--
squirrelmail-users mailing list
List Address: [EMAIL PROTECTED]
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
