- login_form hook changed from do_hook to concat_hook_function in order to
place form elements before login button (#1245070).
- Forwarding broken when not using compose in new window (#1222436).
+ - Drop data/ dir from distributed tarball.
Version 1.5.0 - 2 February 2004
-------------------------------
directories outside of your web tree.
The data directory is used for storing user preferences, like
- signature, name and theme. When unpacking the sources this directory
- is created as data/ in your SquirrelMail directory. This directory
- must be writable by the webserver. If your webserver is running as
- the user "nobody" you can fix this by running:
+ signature, name and theme. You need to create this directory yourself.
+ Recommended location is under /var, for example:
+ /var/local/squirrelmail/data
+ This directory must be writable by the webserver. If your webserver is
+ running as the user "nobody" and group "nobody" you can fix this by
+ running:
- $ chown -R nobody data
- $ chgrp -R nobody data
+ $ chown -R nobody:nobody /path/to/your/datadir
Keep in mind that with different installations, the web server could
typically run as userid/groupid of nobody/nobody, nobody/nogroup,
$ chmod 730 SomeDirectory
If you trust all the users on you system not to read mail they are
- not supposed to read change the last line to chmod 777 SomeDirectory
- or simply use /tmp as you attachments directory.
+ not supposed to read, you can simply use /tmp as you attachments
+ directory.
If a user is aborting a mail but has uploaded some attachments to it
the files will be lying around in this directory forever if you do not
deletes everything in the attachment directory. Something similar
to the following will be good enough:
- $ cd /var/attach/directory
+ $ cd /var/local/squirrelmail/attach
$ rm -f *
However, this will delete attachments that are currently in use by people
attachment directory is the same as your data directory) might look like
this:
- $ rm `find /var/attach/directory -atime +2 | grep -v "\." | grep -v _`
+ $ rm `find /var/local/squirrelmail/attach -atime +2 | grep -v "\." | grep -v _`
Remember to be careful with whatever method you do use, and to test out
the command before it potentially wipes out everyone's preferences.
as well as a new "save replies to the same folder as the original"
option.
+
+Data directory
+==============
+
+The directory data/ used to be included in our tarball. Since placing this
+dir under a web accessible directory is not very wise, we've decided to not
+pack it anymore; you need to create it yourself. Please choose a location
+that's safe, e.g. somewhere under /var.
+
+
Reporting my favorite SquirrelMail 1.4 bug
==========================================
# Data directory
sub command33a {
print "Specify the location for your data directory.\n";
+ print "You need to create this directory yourself.\n";
print "The path name can be absolute or relative (to the config directory).\n";
- print "It doesn't matter. Here are two examples:\n";
- print " Absolute: /var/lib/squirrelmail/data/\n";
+ print "Here are two examples:\n";
+ print " Absolute: /var/local/squirrelmail/data/\n";
print " Relative: ../data/\n";
print "Relative paths to directories outside of the SquirrelMail distribution\n";
print "will be converted to their absolute path equivalents in config.php.\n\n";
# Attachment directory
sub command33b {
print "Path to directory used for storing attachments while a mail is\n";
- print "being sent. The path name can be absolute or relative (to the config directory).\n";
- print "It doesn't matter. Here are two examples:\n";
- print " Absolute: /var/spool/squirrelmail/attach/\n";
+ print "being composed. The path name can be absolute or relative (to the\n";
+ print "config directory). Here are two examples:\n";
+ print " Absolute: /var/local/squirrelmail/attach/\n";
print " Relative: ../attach/\n";
print "Relative paths to directories outside of the SquirrelMail distribution\n";
print "will be converted to their absolute path equivalents in config.php.\n\n";
/**
* Path to the data/ directory
*
+ * You need to create this directory yourself (see INSTALL).
+ *
* It is a possible security hole to have a writable directory
* under the web server's root directory (ex: /home/httpd/html).
- * For this reason, it is possible to put the data directory
- * anywhere you would like. The path name can be absolute or
- * relative (to the config directory). It doesn't matter. Here
- * are two examples:
+ * The path name can be absolute or relative (to the config directory).
+ * Here are two examples:
*
* Absolute:
- * $data_dir = '/usr/local/squirrelmail/data/';
+ * $data_dir = '/var/local/squirrelmail/data/';
*
* Relative (to main SM directory):
* $data_dir = SM_PATH . 'data/';
+ * (NOT recommended: you need to secure apache to make sure these
+ * files are not world readable)
+ *
* @global string $data_dir
*/
-$data_dir = SM_PATH . 'data/';
+$data_dir = '/var/local/squirrelmail/data';
/**
* Attachments directory
* list files in this directory. Confidential data might be laying
* around there.
* + Since the webserver is not able to list the files in the content
- * is also impossible for the webserver to delete files lying around
- * there for too long.
+ * is also impossible for the webserver to delete files lying around
+ * there for too long. You should have some script that deletes
+ * left over temp files.
* + It should probably be another directory than data_dir.
* @global string $attachment_dir
*/
* sent and regular output to begin, which will majorly screw
* things up when we try to send more headers later.
*/
-?>
\ No newline at end of file
+?>
+++ /dev/null
-*.pref
-*.abook
-*.sig
+++ /dev/null
-Deny from All
+++ /dev/null
-<?php
-
-/**
- * index.php
- *
- * Copyright (c) 1999-2005 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
- * This file simply takes any attempt to view source files and sends those
- * people to the login screen. At this point no attempt is made to see if
- * the person is logged or not.
- *
- * $Id$
- */
-
-header("Location:../index.php");
-
-/* pretty impressive huh? */
-
-?>
\ No newline at end of file
projects / squirrelmail.git / commitdiff