Hi Pierre,

On Thu, Feb 5, 2015 at 7:24 PM, Pierre Joye <pierre....@gmail.com> wrote:

> I do understand what you are trying to achieve, from all points of view.
> However I strongly disagree with this as a security improvement. I see
> this more as yet another attempt to replace what should be done at the
> OS level.
>

I should have mentioned that OS-level protection cannot be perfect either.
For example, if an app allows uploading image files, the OS must allow access
to image files.

Since PHP includes scripts in embedded mode, an attacker can easily embed an
attack script in image files....

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net
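
An added example, not part of the original message: a defensive upload check that asks PHP's own tokenizer whether a file contains anything `include` would run as code. The function name and the sample bytes are constructed for illustration, and PHP 7 or later with the default tokenizer extension is assumed.

```php
<?php
/**
 * Hypothetical helper: true when $bytes contains a PHP open tag, meaning
 * include/require would execute part of the file instead of echoing it.
 */
function contains_php_code(string $bytes): bool
{
    /* token_get_all() lexes in the same embedded mode as include: bytes
       outside PHP tags come back as T_INLINE_HTML, and code begins at
       T_OPEN_TAG or T_OPEN_TAG_WITH_ECHO. The @ hides warnings that some
       older PHP versions raise for binary bytes. */
    foreach (@token_get_all($bytes) as $token) {
        if (is_array($token)
            && in_array($token[0], [T_OPEN_TAG, T_OPEN_TAG_WITH_ECHO], true)) {
            return true;
        }
    }
    return false;
}

/* Constructed samples: a GIF header alone, and the same header followed
   by a harmless PHP block that contains only a comment. */
$gifHeader = "GIF89a\x01\x00\x01\x00\x00\x00\x00";
$samples = [
    'clean.gif'    => $gifHeader . ";",
    'embedded.gif' => $gifHeader . "<?php /* constructed marker */ ?>;",
    'echo-tag.gif' => $gifHeader . "<?= 'constructed' ?>;",
];

foreach ($samples as $name => $bytes) {
    $verdict = contains_php_code($bytes) ? 'reject: PHP open tag found' : 'ok';
    printf("%-13s %s\n", $name, $verdict);
}
```

The result follows the `short_open_tag` setting of the process running the check, so with short tags enabled a bare `<?` that occurs by chance in binary image data is also reported.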
