Am 02.02.2012 14:38, schrieb Pierre Joye: > About the current flaw affecting 5.3/4, PHP and suhosin had bugs, and > will have bugs. This is not really hot news. That does not affect this > discussion. > > I, for one, like the idea to finally see distros droping Suhosin and > focus on making PHP itself better and safer instead of distracting us > and our users with custom patches or extensions.
yes, but suhosin-extension and hardening patch exists since many years the question from a normal user: why are these things not included in the core? especially the option to disable function by directory while "disable_functions" is stupidity shown in phpinfo() per dir but never active?
signature.asc
Description: OpenPGP digital signature
