Hello,

> I only say a few words and then I will be silent
> I tend to agree with Linus on this one "Security people are insane"

Yes and the security community thinks that Linus is insane for his view on security topics.

> Not words: write RFC (docs), patches with sane technical discussions
> or a pluggable architecture with extensions and rules, something like
> is done with LSM http://en.wikipedia.org/wiki/Linux_Security_Modules
> or mod_security in apache

It is funny that you come to this thread not knowing what you are talking about and say we should do something like mod_security for Apache. You obviously have no idea that the majority of Suhosin features is already inside an extension to PHP. The only stuff not inside that extension are features that need to be in the core and therefore cannot be in an extension. And these mitigations inside the core are stuff like memory manager canaries that are considered too much of a performance impact by PHP.net. Therefore these patches have to be in a separate patch. Therefore all the features are in the patch.

Regards,
Stefan

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php