Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-26 Thread Richard Lynch
On Wed, August 22, 2007 3:31 pm, mike wrote: I think a good FAQ entry would be how this patch fits in with Suhosin and what are the comparable/conflicting concepts, are they compatible with each other etc. http://www.hardened-php.net/suhosin/a_feature_list.html Both systems are liable to

[PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread Colin Guthrie
Ezequiel Gutesman wrote: CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread mike
I think a good FAQ entry would be how this patch fits in with Suhosin and what are the comparable/conflicting concepts, are they compatible with each other etc. http://www.hardened-php.net/suhosin/a_feature_list.html Both systems are liable to appeal to the same sort of people so it makes

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread M. Sokolewicz
mike wrote: I think a good FAQ entry would be how this patch fits in with Suhosin and what are the comparable/conflicting concepts, are they compatible with each other etc. http://www.hardened-php.net/suhosin/a_feature_list.html Both systems are liable to appeal to the same sort of people so

RE: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread Daevid Vincent
-Original Message- From: mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 22, 2007 1:32 PM I think a good FAQ entry would be how this patch fits in with Suhosin and what are the comparable/conflicting concepts, are they compatible with each other etc.

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread mike
On 8/22/07, M. Sokolewicz [EMAIL PROTECTED] wrote: because such options slow down the execution of every PHP script, even though disabled. compile time options wouldn't be much of a slowdown. and in my mind, with CPU power being quite cheap, i could see it being more valuable to have more

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread Chris
Daevid Vincent wrote: -Original Message- From: mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 22, 2007 1:32 PM I think a good FAQ entry would be how this patch fits in with Suhosin and what are the comparable/conflicting concepts, are they compatible with each other etc.

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread mike
On 8/22/07, Chris [EMAIL PROTECTED] wrote: That's a completely wrong assumption. PhpBB has had a lot of vulnerabilities in the past, as has php-nuke and other popular packages. They've been around for years and not written by newbies as far as I know - but I don't have any link to either

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread Chris
mike wrote: On 8/22/07, Chris [EMAIL PROTECTED] wrote: That's a completely wrong assumption. PhpBB has had a lot of vulnerabilities in the past, as has php-nuke and other popular packages. They've been around for years and not written by newbies as far as I know - but I don't have any link to

Re: [PHP] Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.

2007-08-22 Thread mike
On 8/22/07, Chris [EMAIL PROTECTED] wrote: I'm agreeing with the ideas behind Grasp Suhosin - I'm just disagreeing with Daevid's comment about them only being for 'newbie' installations. oh, most definitely. i consider myself a very tight coder - but i'd prefer to have them in my PHP install