It's not stupid to prevent them from being made. But that's not what
an admin does. When the admin comes into play, the application is
already "made" and employed. The admin just prevents it from working as the
developer and the qa-team intended.
The admin is deciding what is allowed on his system and what not. Any
application that cannot deal with different setups is simply broken.
Same for register_globals/magic_quotes_gpc. If your application does not
behave in the same way with any of these features turned on or off, it
is simply broken.
Stefan
ps: and yes there is a bunch of PHP Applications that rely on
register_globals=Off and are totally unsecure with register_globals=On.
This says alot about the code quality.
--
--------------------------------------------------------------------------
Stefan Esser [EMAIL PROTECTED]
Hardened-PHP Project http://www.hardened-php.net/
GPG-Key gpg --keyserver pgp.mit.edu --recv-key 0x15ABDA78
Key fingerprint 7806 58C8 CFA8 CE4A 1C2C 57DD 4AE1 795E 15AB DA78
--------------------------------------------------------------------------
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
