|| ||Stefan Esser <stefan-AT-nopiracy.de> |
|| ||Pierre Joye <pierre.php-AT-gmail.com> |
|| ||Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds |
|| ||Fri, 3 Feb 2012 10:41:04 +0100|
|| ||Soenke Ruempler - Jimdo <soenke-AT-jimdo.com>,
PHP internals <internals-AT-lists.php.net>|
|| ||Article, Thread
> Again, please tell me which part of Suhosin would make sense to have
> in the core? With technical explanation or details. Then we can begin
> a good discussion and maybe a RFC to get them in.
what part of "all of it and I am not going to try to convince you about this" do you not
I am not interested in pushing Suhosin into PHP mainline. Why in hell would I want that. If Suhosin
gets absorbed by PHP.net then I would have to start a new project, because there are tons of
mitigations I can think up that will be implemented at some point in time and will never make it
into PHP mainline.
With Suhosin existing I am free to implement as many security mitigations I like and do not have to
beg the PHP developers to consider adding something.
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
to post comments)