(I realize that I haven't got any karma here. Just want to offer a user's point of view. :))
I think this would make a great addition. Not just for educational purposes, but also to help experienced developers avoid missing holes.

Ilia wrote:
safe_mode is/was off by default too, and yet a good chunk of hosts enabled it under the assumption it would make their setups secure.
What about making it something that has to be enabled explicitly during runtime? People are used to doing session_start(); on the top of every page so for those who want it doing set_taint_detection(TRUE); or something equivalent wouldn't be that much of a problem. Even if there would be an ini option for it, I believe this will make a bit of a different impression. First of all this would just add security for the actual PHP developers. It won't really have an impact on server security in a well-configured environment. Second, a lot of applications would break, and that wouldn't be very popular among the users. Third, I think documentation means a lot here. If it's made sure that it's not painted out to be something it's not one can surely avoid such an issue.
I think people generally follow the path of least resistance and for compat purposes I suspect most applications will simply create a quick wrapper to **untaint** all input data so they can use it within their application without worrying about tainting getting in the way.
But if it's not enabled by default it wouldn't make any sense to enable it just to bypass it.
All it means is that this breaks every application and the security benefits are somewhat ambiguous, but in all fairness the full consequences are hard to predict without sample code.
Still, bc isn't an issue if it isn't enabled by default.

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php