I just saw that a /home/tmp was created with a da_user session file in it with ip and user account data. At first I thought it was a hack attempt with a misdirected file copy to /tmp :) I would like to know what triggered it. Thanks!

I just tried the same on my server, and get the same. But mine seems to be encypted. -Jason

Hello,

That's where DA stores it's tmp info. You can set the tmp directory in the directadmin.conf. The da_sess* files are the DirectAdmin session files. It's normal. :)

John

Ah, well the reason for my paranoia was that it wasn't there at first (I think). Just wanted to know if a user creates a database this happens or something else that requires a da_session? I'm probably seeing ghosts here :)

Should the information in the da_session be encrypted btw? I see the user ip adres plus username and password..

Hello,

The password is. The rest isn't (As you can see). The permissions on the files should be such that nobody else can get at them.

John

Mine are completly encrypted. You can not see the user id password or IP.
Any way it doesn't matter if it is encrypted or not. If you have access to see the file then you can do anything you want regardless.

True, just wanted to know why mine is not and others are encrypted. Better safe then sorry :)