Marcus Boerger wrote:
agreed, also we are doing very much work on security. Thus new and regular updated systems shouldn#t have a problem with exposing this. And we cannot do anything for unmaintained systems anyway. Therefore i think we or any user should not be ashamed or fear having php being exposed.
With the fast response time to security problems that has been characteristic of the PHP project, and the fact that these problems (and their subsequent fixes) are usually widely (though often incorrectly) reported by the media, it can be nothing more than a choice to stay on old versions.
Therefore since they have chosen to stay on an older, possibly insecure, version, they also have the choice to turn expose_php off for themselves.
Jasper -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php