Set session.cookie_path in nginx config

This keeps the security when using the default config

Author: MrWinux

conf/nginx-alldomains.conf

@@ -42,6 +42,8 @@
 		fastcgi_split_path_info ^/mail(/.*)()$;
 		fastcgi_index index.php;
 		fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;
+        # ensure roudcube session id's aren't leaked to other parts of the server
+		fastcgi_param PHP_VALUE "session.cookie_path=/mail/";
 		fastcgi_pass php-fpm;
 
 		# Outgoing mail also goes through this endpoint, so increase the maximum