On Sat, Aug 4, 2012 at 9:57 PM, Yahav Gindi Bar <g.b.ya...@gmail.com> wrote: > We had dl() until it was deprecated, and even when we got it I guess that > administrators disabled the dl() method because of security reasons. > However, PECL got limited extensions which, as long as I know, does not put > the server into security risks (maybe I've said something VERY STUPID right > now, so excuse me...)
PECL extensions are C code. "C code" is programmer slang for "security risk". I mean, seriously, extension code can be pretty much everything. Allowing people to load extensions from userland would go beyond fatal. Nikita -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
