User: Password:
|
|
Subscribe / Log in / New account

Debian and Suhosin

Debian and Suhosin

Posted Feb 11, 2012 19:52 UTC (Sat) by bronson (subscriber, #4806)
Parent article: Debian and Suhosin

This sounds like a good decision. It doesn't take many patches before packagers are forking and developing more than they're packaging. That gets confusing for everyone.

Ideally both php-vanilla and php-suhosin packages would be available so end users can choose for themselves. If there's not enough time to maintain two packages then vanilla PHP should go in the repos first.

And, Suhosin or no Suhosin, if you're hosting a popular PHP app then you WILL get owned at some point. With the proper mindset and preparation, the hundreds of serious PHP vulns are not that a big deal.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds