I just started tracking -current on a box and noticed that the hardened-php project's Suhosin-patch [1] had been brought into the php5-core port. Is this patch's full range of protection in place by default, or does the user need to modify PHP's configuration to include settings [2] to enable the protection? Is anything enabled by default?
[1] http://www.hardened-php.net/suhosin/index.html [2] http://www.hardened-php.net/suhosin/configuration.html -- Darren Spruell [EMAIL PROTECTED]
