Hi Stats,

Thanks to Perrie, I realized I should try to this patch to be accepted
for 5.4 branch.

As you may already knew, session adoption is "real" threat for PHP
applications. Therefore, this patch should be in 5.4.0 for better
security.

In case of you've missed why session adoption is real threat for PHP
applications, please try to set the same cookies to various path and
domains. Then check and compare the result with IE and Chrome/Firefox.
This patch is really needed for PHP.

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to