I did support it, but IIRC a security implications of having it enabled were also a major concern and perhaps the deciding factor in having this option disabled.
Right & wrong. Yes, they were security implications, but not inherent to the feature itself. The security implications were simply a result of the fact that it was very easy to abuse it. You can write rock-solid secure code with register_globals enabled, we just wanted to eliminate this pitfall.
Are we saying that we only take the possibility of abuse as a factor when we're dealing with security issues? I don't think we should differentiate between security and reliability considerations, and we certainly haven't in the past.
Zeev
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
