- SECURITY WARNING - SquirrelMail saves non plaintext passwords in
- PHP's session data to log on to the IMAP server. If a user has
- access to write PHP scripts on your system and knows the location
- where PHP stores session data, he could get a listing of the
- sessions being used and then read a given session's data with his
- own PHP script. Caution should be used when setting up permissions
- and locations of php.ini and the session data.
+ SECURITY WARNING - If a user has access to write PHP scripts on your
+ system and knows the location where PHP stores session data, he
+ could get a listing of the sessions being used and then read a given
+ session's data with his own PHP script. Caution should be used when
+ setting up permissions and locations of php.ini and the session data.