hi, On Fri, Feb 3, 2012 at 1:48 AM, Soenke Ruempler - Jimdo <soe...@jimdo.com> wrote:
> _YOUR_ responsibility as the provider (READ: provider) of a > programming-language is to provide a secure environment in favor a > micro-optimized performance. This is in so many ways wrongly formulated. This is what we do, always. Today (as in the last years) security is our top concerns. The only responsibility we have is to deliver the best possible PHP. And this always has been a matter of compromises. > Please first provide a default secure config and second you might > document the more unsecure setting by saying "you know what you do". That's the case. If you know areas where we do not that, please let us know. > Do not respect him for how (bad) he's communicating things, respect him > for what he coded. We are coders. > > Be humble and get shit done. Really. For one, I am. I have been asking for years now to propose the missing features so we can include them if desired. I myself implemented features that happen to be provided by Suhosin. But to ask us to take all or nothing is not going to happen as we are not convinced at all that everything in Suhosin is actually a good thing. The RFC process now allows everyone to propose such thing, including you or Stefan (who still refused to do it). Happy proposing! And I will be the 1st to welcome you. Now that it is cleared (was already before, but better three times than none), can we get back to the technical details of this discussion and see what are actually the technical issues behind this decision? Cheers, -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
