On 15-Dec-06, at 5:31 PM, Wietse Venema wrote:

Ilia Alshanetsky:

On 15-Dec-06, at 4:16 PM, Stanislav Malyshev wrote:

Sounds awfully like yet another safe_mode, something that
proclaims security, yet being unable to provide it.

Repeating my comments on that, I think that it can be done not like
safe_mode, if we take a different approach. Namely, not "mark unsafe,
accept otherwise" but "mark safe, deny otherwise".

Ok this is better, but it will break every single application out
there. I for one think that this is unacceptable.

Remember, taint checks are turned off by default. Nothing
breaks.

In theory, you need to consider that many ISPs and users will interpret taint mode == secure and enable it, causing much grief to distributable application writers who need to accommodate every environment.

Ilia Alshanetsky

--
PHP Internals - PHP Runtime Development Mailing List