-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Stefan,
Stefan Esser wrote: > GRASP by Coresecurity > * pro: byte level tainting which actually works > * negativ: slow > > PHP Taint mode by Wietse Venema/IBM > * pro: faster > * negativ: broken design+insecure I don't see a big problem with having a slow but working taint mode in development environments while not having a taint mode in production environments. The question - as always - is, how big the performance impact really is. - - Sebastian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) iD8DBQFHQTsxsvwfldR9VeARAj0dAJ9KGDy0g92AK0sB+kpWxGn3k52NjACgnbt8 3J6K0b7bOuIXWrH3F5ylnHs= =kb6h -----END PGP SIGNATURE----- -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php