[TYPO3-dev] Solving existing session problems - sole technical approach - Even worse version of the problem: Involuntary hijacking
Christopher Lörken
christopher at loerken.net
Thu Feb 5 17:51:32 CET 2009
Update:
It seems that some accounts are more affected by this problem then
others. So different users reported that they were logged in for the
same user. Quite a coincidence with more than 2,000 logins per day I
would say...
Any ideas? Can there be a problem with computing the ses_id maybe?
I am even running with IP lock to the first 2 parts of the IP, but it
swaps the session freely to the wrong users...
I'm kinda lost here...
Greetings,
Christopher
More information about the TYPO3-dev
mailing list