Hi, Currently, some directives such as "expose_php" or "allow_url_fopen" can only be changed on the PHP_INI_SYSTEM level, which in some cases apparently even means through php.ini only.
Wouldn't it make sense to allow "tightening" of these values in, say, a PERDIR contexts? So "expose_php" can be disabled in an FPM config, but not enabled? This would, I think, be useful for several directives that could then be set to a "safer" setting on a per-dir basis, such as: - expose_php - allow_url_fopen - allow_url_includes (if set to "1" in system) - disable_functions/classes (only additions to the list allowed) Thoughts? David -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
