Package: squirrelmail Version: 1.4.4-8 The plugin 'administrator' can authenticate which user has access to administrating the squirrelmail configuration by two ways. One of them is by listing the lines in a file called 'admins'. The other one is by determining whether the config.php file is owned by a system user named equally to the IMAP user provided.
There is an issue with the second way. The line 39 of the file /usr/share/squirrelmail/plugins/administrator/auth.php should look like } else if (($adm_id = fileowner(SM_PATH . 'config/config.php')) && instead of } else if ($adm_id = fileowner(SM_PATH . 'config/config.php') && so $adm_id is assigned the result from fileowner instead the the boolen result from the fileowner(...)&&function_exists(...) expression. Regards, Eloi Granado
pgpdRq0MByeOz.pgp
Description: PGP signature
