On 15/07/12 22:07, Alex Aulbach wrote:
> 2012/7/14 Andrew Faulds <ajf...@googlemail.com>:
>> Well... if people have poorly configured servers spitting out debug
>> info in production mode, I don't think it is our problem. It is
>> theirs.
> Do you want to make it secure or do you want to discuss?

Seems Andrew's mail didn't get to the list.

Yes, production servers shouldn't be showing debug info. But we know that a large fraction of them do. As coder of a PHP application, I often can't set the configuration of the system where it will be installed. Sometimes not even the person installing it can set it correctly (e.g. shared hosting), it can be changed under your feet (e.g. an update, someone did so to debug a different application...) or even be set explicitly (I want my users to warn me when they see errors!).

If spitting out errors prevented XHTML validation, I wouldn't care that much (obviously, the code shouldn't generate the warning to begin with, but it's not a big deal if users were briefly shown it). But we are talking about passwords and password hashes. Not something you want to risk exposing. Especially when we are trying to make a good interface to encourage secure handling of passwords.
PS: Alex, your non-displayable exception would indeed work (although I would make it a class property).

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
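The "non-displayable exception" idea from the thread, written out as an added example (not code from the thread or from PHP itself). It assumes PHP 7.4+ (typed properties) and uses `password_hash()`/`password_verify()`, which shipped in PHP 5.5 after this discussion; the class name `PasswordMismatchException` and the helper functions are hypothetical. The point is that on a host with `display_errors=On`, PHP prints an uncaught exception using its `__toString()`, so anything placed in the message or left to the default trace can reach the browser; the hardened class keeps the sensitive value in a property and overrides `__toString()` so neither the message nor a trace carries it.

```php
<?php
// Added example: keep secrets out of anything a misconfigured
// display_errors=On server might print. Not from the original thread.

// Risky pattern: the hash ends up in the message, which the default
// uncaught-exception handler prints verbatim when display_errors is on.
function verifyUnsafe(string $password, string $hash): void
{
    if (!password_verify($password, $hash)) {
        throw new RuntimeException("Password did not match hash $hash");
    }
}

// Hardened pattern (hypothetical class name): the sensitive detail lives
// in a property, never in getMessage(), and the string form omits the
// stack trace, whose frames would otherwise list call arguments such as
// the plaintext password and the hash.
final class PasswordMismatchException extends RuntimeException
{
    private string $sensitiveDetail;

    public function __construct(string $sensitiveDetail)
    {
        parent::__construct('Password did not match');
        $this->sensitiveDetail = $sensitiveDetail;
    }

    // Only a deliberate caller (e.g. a server-side logger) gets the detail.
    public function getSensitiveDetail(): string
    {
        return $this->sensitiveDetail;
    }

    // PHP calls this for uncaught exceptions; no trace, no secret.
    public function __toString(): string
    {
        return static::class . ': ' . $this->getMessage();
    }
}

function verifySafe(string $password, string $hash): void
{
    if (!password_verify($password, $hash)) {
        throw new PasswordMismatchException($hash);
    }
}

// Constructed sample input.
$hash = password_hash('correct horse', PASSWORD_DEFAULT);

try {
    verifyUnsafe('wrong', $hash);
} catch (RuntimeException $e) {
    echo "unsafe message:  ", $e->getMessage(), "\n"; // contains the hash
}

try {
    verifySafe('wrong', $hash);
} catch (PasswordMismatchException $e) {
    echo "safe message:    ", $e->getMessage(), "\n"; // no hash
    echo "safe __toString: ", $e, "\n";               // no trace, no hash
}
```

Run it with `php example.php` and compare the two outputs: only the "unsafe" line contains the hash. A complementary server-side control on PHP 7.4+ is `zend.exception_ignore_args=On`, which stops argument values from being recorded in exception traces at all, but as the post notes the application author often does not control the ini file, so the exception design itself should not rely on it.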