[mythtv-users] MythWeb - sessions problem

Sean Burlington sean at uncertainty.org.uk
Fri Oct 8 11:56:18 UTC 2004

Ciaran wrote:
> On Fri, 08 Oct 2004 09:49:57 +0100, Sean Burlington
> <sean at uncertainty.org.uk> wrote:

>>I had a problem with sessions which I resolved by commenting the line
>>#    php_value session.save_path             php_sessions
>>in /usr/share/mythtv/mythweb/.htaccess
>>This was setting the path for storing mythweb session to a directory
>>that didn't exist.

> Cheers for that Sean, that error message has been bugging me for a
> while :)  COmmenting that out fixed it nicely,  however is this path
> not required?

looking more closely it might be better from a security standpoint to 
create the directory

I don't think there is any functional reason why it matters

But since anyone with access to mythweb can already delete all my stored 
programs or use all my CPU, disk space etc - session hijacking is the 
least of my worries.


session.save_path defines the argument which is passed to the save 
handler. If you choose the default files handler, this is the path where 
the files are created. Defaults to /tmp. See also session_save_path().


If you leave this set to a world-readable directory, such as /tmp (the 
default), other users on the server may be able to hijack sessions by 
getting the list of files in that directory.

More information about the mythtv-users mailing list