On Tue, Jun 7, 2011 at 3:10 PM, Reindl Harald <h.rei...@thelounge.net>wrote:
> > > Am 07.06.2011 15:08, schrieb Ferenc Kovacs: > > On Tue, Jun 7, 2011 at 3:04 PM, Reindl Harald <h.rei...@thelounge.net > >wrote: > > > >> > >> > >> Am 07.06.2011 14:44, schrieb David Muir: > >>> On 07/06/11 18:40, Reindl Harald wrote: > >>>> there is a reason for example to disallow many functions > >>>> on a webserver - so every API has to make sure they > >>>> can not be bypassed > >>>> > >>>> "because we can" is no valid reason for everything because > >>>> we can install binary extension as they exist now and > >>>> if you can not you are missing the permissions for some > >>>> good reasons > >>>> > >>> > >>> So you're saying that PECL, PNI or FFI should should be actively > >>> discouraged because of security concerns? > >> > >> WHERE i said this? > >> PECL-Extensions can NOT be enabled by the user > >> > >> > > except if dl is enabled of course. > > i think nobody out there will enable this and hope such > crazy things are not enabled by default! > > sadly there are many crazy people out there: http://www.google.hu/#sclient=psy&hl=hu&source=hp&q=intitle:phpinfo()+enable_dl&aq=f&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=580ca0074daf5780&biw=1280&bih=939 Tyrael
