On 5 February 2015 at 10:24, Pierre Joye <pierre....@gmail.com> wrote: > I do understand what you try to achieve, from all point of view. > However I strongly disagree with this as a security improvement. I see > this more as yet another attempt to replace what should be done at the > OS level. >
I'm inclined to agree, this is just another mitigation against a specific vector, not a solution. I'm sure given a little bit of time a way to bypass it will be found. Also introducing this in PHP 7 will not fix all of the currently broken apps, nor will it get people to start using this method even if they do upgrade to PHP 7. I honestly think this is one of the cases where education is better . -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
