Hi, >> This is bad. And there is no point arguing this fact. > > Yes, this was bad. Agreed. It was a mistake. Mistakes happen. We fixed > it and hopefully learned from it.
Yes mistakes do happen to everyone and we all hope to learn from them. And some of us like to buy insurances so that there is protection in case anything goes wrong. And because we know that everyone makes mistakes we add additional layers of protection. In case of PHP this is Suhosin. In case of Apache this is mod_security. In case of Linux it is better Grsecurity (and not the other stuff). And in case of webservers in general people buy web application firewalls. >> These are all basic prinicples of security mitigations. Why is there >> a need to write up RFC about these things. They are widely accepted >> by other software vendors/products. > > Because there's a difference between principles and applying them in a > particular manner in particular patch to particular software. The > responsibility of core PHP developers it to evaluate the specific solutions > and patches and decide if they are good or not. Regardless of how well or > badly it was done in specific cases in the past, this is what should be done. > If the author of the patch doesn't want to do this - well, ok, so he would > have his patch and we probably won't, unless we find other ways to do it - > maybe even the worst way possible, by having security problem illuminate the > need - but I see no way around it. The patches are available for everyone. You can download them at http://suhosin.org - also everyone can use them for free. Everyone can just take them and merge them into PHP. But it will not be me. As I previously stated I can live with a few percent less performance or more memory usage due to memory canaries. (The later can actually be largely improved and I have plans to do it somewhen in the next months). However I know that memory canaries will never go into PHP mainline. And knowing that tells me that I have to keep Suhosin anyway as a project. And therefore people should use it. And all those that maybe cannot live with this impact can already use Suhosin today and just disable the memory canaries via environment variables. Regards, Stefan -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
