OK. I think I'm going too far off topic. Sorry.

But I want to repeat: we never know in which context the program will run. And good security means that it shouldn't care in which context it runs.

- Everything which can go wrong will go wrong (Murphy); if there is any chance to make it wrong, there will be someone who makes it wrong (and in this case they will point to PHP: "see, I have said it is unsecure..." :) ).
- In a security context this means: the hashes will be stolen, we can log in without a password, etc.
- No documentation or any other thing can prevent that.
- So we need to do everything which is possible to avoid it. The best thing would be that we can guarantee that it is not possible.
- As a positive side effect we can have more possibilities in PHP :)
More off topic: let me explain that last sentence. I don't know exactly how this can be implemented, but I think every warning, error and so on could be an exception instead. Just an idea, but I think this can remove complexity, because - even if I think the current error handling is quite well designed - it is a source of security problems (and some other more or less ugly things). I am thinking about a default exception handling which can be overridden (like the error handlers). Could be an interesting concept. :) And of course it's something which needs time.

--
Sevus
Alex Aulbach