Hi Stas, On Sun, Oct 30, 2016 at 2:21 PM, Stanislav Malyshev <smalys...@gmail.com> wrote: > So I wrote a first version of the document Anatol mentioned: > > https://wiki.php.net/security > > Please comment. Fixes to the grammar and typos are especially welcome > (you can just do them in the wiki without asking :)
Nice work! Reasonable content. It may better to include Q&A for open_basedir that bypassing open_basedir restrictions via module features are not considered as security bugs. open_basedir restriction is to mitigate impact on unwanted PHP code execution, not a complete solution. We have "security bug" in document also. It may be better to mention them and encourage users to report this kind of bug also. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
