On Thu, Nov 29, 2001 at 04:46:46PM -0500, John Madden wrote: > > By default, phpa's cache is stored in /tmp, a generally-world-readable > location, using the server user's default umask, which is often 022. > > Since these cache files can contain information related to a web > application (authentication, authorization, session information, etc.) or > personal information (I'm using phpa for squirrelmail, for example), this > seems to be something of a security or privacy risk. Hi John and thanks for this thought. You are correct, but the documentation clearly indicates how the cache directory can be changed from ini files or Apache config/access files. The default is one that should always work. Users are encouraged to read the documentation and take advantage of the features to ensure greater security and customisation as appropriate to their own needs. Perhaps adding something to the small FAQ would be a good idea though to point out what you say and how it can be overcome. Nick ------------------------------------------------------------------------ www.php-accelerator.co.uk Home of the free PHP Accelerator To post, send email to phpa@xxxxxxxxxxxxx To unsubscribe, email phpa-request@xxxxxxxxxxxxx with subject unsubscribe