Rasmus Lerdorf wrote:


TCP/IP firewalls break all sorts of applications as well until either the application is modified to poke a hole in the firewall itself via UPnP, or you reconfigure the firewall. This makes firewalls annoying, but they are necessary. This is exactly the same thing. It is a data firewall for PHP. You don't have to use it, but people want it and need it.

I would think the difficulty would be in informing people that functionality like this is only the start of good security.


Maybe a proper, official howto on PHP security should be drawn up - or it'll just leave people blindly using things like this. To go back to the firewall analogy, it's like putting the most expensive firewall in the world in place, behind which are a dozen totally unpatched Microsoft Exchange servers and a Linux box running BIND 8.0.

Again, just my 2c.

--
Gareth Ardron

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php


