Closed (fixed)
Project:
Mailhandler
Version:
master
Component:
Code
Priority:
Normal
Category:
Task
Assigned:
Unassigned
Reporter:
Created:
16 Mar 2008 at 15:22 UTC
Updated:
16 May 2008 at 17:41 UTC
Hi,
I was just doing a general security review and saw this: http://drupal.org/node/218104
It says that modules should implement session_save_session(FALSE); before "impersonating another user" and session_save_session(TRUE); after returning to the original user. Should mailhandler implement this in the mailhandler_retrieve function?
Best,
Chad
Comments
Comment #1
moshe weitzman commentedcommitted. thx.
Comment #2
Anonymous (not verified) commentedAutomatically closed -- issue fixed for two weeks with no activity.