diff options
Diffstat (limited to 'docs/xml/faq.xml')
| -rw-r--r-- | docs/xml/faq.xml | 130 |
1 files changed, 7 insertions, 123 deletions
diff --git a/docs/xml/faq.xml b/docs/xml/faq.xml index 59cb330d9..fbab94212 100644 --- a/docs/xml/faq.xml +++ b/docs/xml/faq.xml @@ -584,129 +584,6 @@ perl -pi -e 's@#\!/usr/bin/perl@#\!/usr/local/bin/perl@' *cgi *pl </answer> </qandaentry> - <qandaentry> - <question id="faq-phb-reloginEveryone"> - <para> - Why do users have to log in every time they access a page? This - affects everyone who accesses my Bugzilla. (If this only affects - some of your users, see the next FAQ item.) - </para> - </question> - <answer> - <para> - The most-likely cause is that the "cookiepath" parameter is not set - correctly in the Bugzilla configuration. You can change this (if - you're a Bugzilla administrator) from the editparams.cgi page - via the web. - </para> - <para> - The value of the cookiepath parameter should be the actual directory - containing your Bugzilla installation, <emphasis>as seen by the - end-user's web browser</emphasis>. Leading and trailing slashes are - mandatory. You can also set the cookiepath to any directory which - is a parent of the Bugzilla directory (such as '/', the root - directory). But you can't put something that isn't at least - a partial match or it won't work. What you're actually doing - is restricting the end-user's browser to sending the cookies - back only to that directory. - </para> - <para> - How do you know if you want your specific Bugzilla directory or the - whole site? - </para> - - <para> - If you have only one Bugzilla running on the server, and you - don't mind having other applications on the same server with it - being able to see the cookies (you might be doing this on purpose - if you have other things on your site that share authentication with - Bugzilla), then you'll want to have the cookiepath set to "/", or to - a sufficiently-high enough directory that all of the involved apps - can see the cookies. - </para> - <para> - Examples: - - <blockquote> - <literallayout> - urlbase is <ulink url="http://bugzilla.mozilla.org/"/> - cookiepath is / - - urlbase is <ulink url="http://tools.mysite.tld/bugzilla/"/> - but you have http://tools.mysite.tld/someotherapp/ which shares - authentication with your Bugzilla - cookiepath is / - </literallayout> - </blockquote> - </para> - - <para> - On the other hand, if you have more than one Bugzilla - running on the server (some people do - we do on landfill) - then you need to have the cookiepath restricted enough - so that the different Bugzillas don't - confuse their cookies with one another. - </para> - <para> - Examples: - - <blockquote> - <literallayout> - urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-tip/"/> - cookiepath is /bugzilla-tip/ - - urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-2.16-branch/"/> - cookiepath is /bugzilla-2.16-branch/ - </literallayout> - </blockquote> - </para> - - <para> - If you had cookiepath set to / at any point in the past and - need to set it to something more restrictive (i.e. /bugzilla/), - you can safely do this without requiring users to delete - their Bugzilla-related cookies in their browser (this is - true starting with Bugzilla 2.17.7 and Bugzilla 2.16.5). - </para> - </answer> - </qandaentry> - - <qandaentry> - <question id="faq-phb-reloginSome"> - <para> - Why do users have to log in every time they access a page? This - only seems to affect some of my Bugzilla's users, others stay - logged in. - </para> - </question> - <answer> - <para> - First, make sure cookies are enabled in the user's browser. - </para> - <para> - If that doesn't fix the problem, it may be that - the user's ISP implements a rotating proxy server. This causes - the user's effective IP address (the address which the Bugzilla server - perceives him coming from) to change periodically. Since - Bugzilla cookies are tied to a specific IP address, each time - the effective address changes, the user will have to log in again. - </para> - <para> - In newer versions of Bugzilla (2.17.1 and later) there is a - parameter called "loginnetmask", which you can use to set the - number of bits of the user's IP address to require to be matched - when authenticating the cookies. If you set this to something less - than 32, then the user will be given a checkbox for "Restrict this - login to my IP address" on the login screen, which defaults to - checked. If they leave the box checked, Bugzilla will behave the - same as it did before, requiring an exact match on their IP address - to remain logged in. If they uncheck the box, then only the left - side of their IP address (up to the number of bits you specified in - the parameter) has to match to remain logged in. - </para> - </answer> - </qandaentry> - </qandadiv> <qandadiv id="faq-security"> @@ -719,12 +596,19 @@ perl -pi -e 's@#\!/usr/bin/perl@#\!/usr/local/bin/perl@' *cgi *pl (I've followed the instructions in the installation section of this guide)? </para> </question> + <!-- Should we really even answer this question? --> <answer> <para> Run MySQL like this: "mysqld --skip-grant-tables". Please remember <emphasis>this makes MySQL as secure as taping a $100 to the floor of a football stadium bathroom for safekeeping.</emphasis> </para> + <warning> + <para>This can't be stressed enough. Doing this is a bad idea. + Please consult <xref linkend="security-mysql"/> of this guide and + the MySQL documentation for better solutions. + </para> + </warning> </answer> </qandaentry> |