Nick Loeve wrote:
Gareth Ardron wrote:

Rasmus Lerdorf wrote:


TCP/IP firewalls break all sorts of applications as well until either the application is modified to poke a hole in the firewall itself via UPnP, or you reconfigure the firewall. This makes firewalls annoying, but they are necessary. This is exactly the same thing. It is a data firewall for PHP. You don't have to use it, but people want it and need it.



I would think the difficulty would be in informing people that functionality like this is only the start of good security.


Maybe a proper, official how-to on PHP security should be drawn up.


The phpsec group started a project to do just that: http://www.phpsec.org/

There are no silver bullets here. Also, homogeneous solutions are not what you want for security either. Basically, what we can do is make the big no-nos known and provide tools that as transparently as possible enhance security. If using filters requires people to jump through hoops, there is little gain, if any.


regards,
Lukas

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php


