[RCD] /bin utilities

Dennis P. Nikolaenko dennis at nikolaenko.ru
Wed Dec 10 13:37:46 CET 2008


Kris Steinhoff wrote:
> While it is still unclear whether or not there is a problem with 
> bin/html2text.php (http://trac.roundcube.net/ticket/1485618), maybe it's worth 
> considering adding session checking to all of the utilities in the bin 
> directory. If a vulnerability exists in a utility, then having a session check 
> will limit or complicate its exploitation.
>
> The way quotaimg.php was doing session checking could be used in the other 
> utilities. (quotaimg.php's session checking was removed in October: 
> http://trac.roundcube.net/changeset/2012).
>
> -kris
I have never seen the quota in the works as my environment does not yet 
require quotas for users.
Is worth to have it as an image? A two-cell table styled to produce a 
"progress bar" may be a simpler and more efficient solution.
--
Dennis
_______________________________________________
List info: http://lists.roundcube.net/dev/



More information about the Dev mailing list