[RCU] problem with old old stable version 0.1.1
chasd
chasd at silveroaks.com
Wed Nov 18 00:08:39 CET 2009
On Nov 12, 2009, at 5:08 AM, fakessh at fakessh.eu wrote:
>> Even if that means your server will be compromised ?
> my system did not seem to be compromised
> and how do I know, yes or no compromise
You may not know, that is one of the problems.
A server can get compromised and it is difficult to find a trail that
shows you.
There was a message posted to the RoundCube Development list on 11
Nov titled " html2text conversion script vulnerability " you might
want to read from the archives.
I see from one of your later posts you upgraded, I am thankful.
As for your problem :
I would make sure the " logs " directory in the " roundcubemail "
directory is writable by the web server process. That is where the
logs are written, and if the web server process doesn't have
permissions to write to that directory, you won't get logging.
PHP errors should be written to the web server log, which should be
at /var/log/httpd/error_log.
You should make sure logging to that file is turned on in the /etc/
php.ini file.
I would recommend you deploy RoundCube on a server not connected to
the internet first. That way you could allow PHP to display errors on
the web page. Then, once you get RoundCube working on a test server,
you can deploy it on a public-facing internet server.
--
Charles Dostale
System Admin - Silver Oaks Communications
http://www.silveroaks.com/
824 17th Street, Moline IL 61265
_______________________________________________
List info: http://lists.roundcube.net/users/
More information about the users
mailing list