[SM-USERS] .pref file corrupted by other user data

Tue, 25 Oct 2005 23:30:46 -0700 

Hi.
 Yesterday we apparently had a user contaminate another user's pref
file with contents much like that of the contaminating user.
diff'ing the two, the sort value was different (one =1, one =0) otherwise
identical. The pref file which had the correct name/addresses had a recent modification date, 
which predated the time the bogus information was used in an email by the
effected user. I lost the modification date information on the corrupted pref file 
when I edit corrected the user name/email contents.

Anyway, I've reviewed the list activity and bug tracker and see lots of posting
on similar observations, most from several years ago,
with no excellent solution apparent. (bug track 751989
being open). Today these two users didn't share a common machine to the best
of my knowledge which makes it somewhat different than the usual description.

Users preferences being overwritten by other users:
http://sourceforge.net/tracker/?group_id=311&atid=100311&func=detail&aid=751989
http://sourceforge.net/tracker/?group_id=311&atid=100311&func=detail&aid=647612
http://article.gmane.org/gmane.mail.squirrelmail.user/17050/match=pref
http://article.gmane.org/gmane.linux.suse.general/41452/match=pref
http://thread.gmane.org/gmane.mail.squirrelmail.user/7489
http://thread.gmane.org/gmane.mail.squirrelmail.user/2495
http://thread.gmane.org/gmane.mail.squirrelmail.user/21592
http://article.gmane.org/gmane.mail.squirrelmail.user/3563/match=pref
http://thread.gmane.org/gmane.mail.squirrelmail.user/25366
http://article.gmane.org/gmane.mail.squirrelmail.user/7869/match=pref

I'm running 1.4.5 on a freebsd machine.
php4-4.3.11_1
register_globals off
apache+mod_ssl-1.3.33+2.8.22
plugins
   1. squirrelspell
    2. delete_move_next
    3. message_details
    4. abook_import_export
    5. address_add
    6. archive_mail
    7. askuserinfo
    8. autocomplete
    9. msg_flags
    10. select_range
    11. show_headers
    12. password_forget
    13. compatibility
    14. check_quota
    15. filters
    16. avelsieve
    17. auto_cc
    18. secure_login
I've just upgraded compatibility to 2.0.2 and address_add to 2.1-1.4.0 since experiencing the 
pref contamination.
When this corruption occurs, and I don't know the exact mechanism, a user doesn't know their preferences are wrong as they send a message. They are silently misidentified 
in the header.  Helpful thoughts sought.

Thanks
John



-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
--
squirrelmail-users mailing list
Posting Guidelines: 
http://www.squirrelmail.org/wiki/MailingListPostingGuidelines
List Address: squirrelmail-users@lists.sourceforge.net
List Archives: 
http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

Reply via email to