Hi!
Nevertheless PHP 5.3.9 introduced a vulnerability because PHP.net cloned one of those "we see no need for any features" features.
Vulnerability was introduced because of the security fix for a specific problem, that unfortunately was done incorrectly. If this feature were requested before and it were motivated, the fix would appear earlier. As you are not interested in doing this and nobody else did this too, it did not happen. That's all there is to it. It is sad that you seem to frame this as if there's some conflict between PHP as a project and yourself, where PHP project members engage in war against you and at the same time "clone" your ideas. It is very unfortunate way of approaching it and very unproductive one. Your complaints with Pierre notwithstanding - and I will not discuss them, you're both grown ups and can do it without me - I think it would be much more helpful to continue the cooperation on technical matters. I would want it to be better, but it takes two to tango, so if it's not to be, so be it. I just want to make it clear that the invitation is there. And of course we will "clone" any security feature that we think will make overall working with PHP better - if and when we see this is the case.
And BTW you cannot play the: It is Pierre you know him card. The PHP developers are free to step up and say publicly that Pierre's view is not that of the developers. But you choose to not to do so. So you are behind him.
If it was not clear that Pierre's views are Pierre's views, and my views are my views, and anybody else's views in PHP project is his views and we don't share a hive mind but instead each has his own mind and thus has independent views and capable of discussing them and hashing out inevitable differences in views and disagreements and we regularly and publicly do it - here's you declaration, this is exactly the case. We're a diverse group of individuals having a lot of differences but a common goal of supporting the PHP project.
-- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
