On Thu, Jan 19, 2017 at 6:18 AM, Ben RUBSON <ben.rub...@gmail.com> wrote:
> As proposed by cmb (thank you !), I open a discussion regarding req #65386 :
> https://bugs.php.net/bug.php?id=65386
>
> It summarizes requests around disable_functions directive :
> - modification of disable_functions to be a PHP_INI_SYSTEM directive ;
>
Could you clarify? `disable_functions` *IS* a PHP_INI_SYSTEM directive:

PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL)

> - implementation of enable_functions as a PHP_INI_SYSTEM directive ;
>
I'm not a big fan of a whitelist for weakening/overriding a blacklist setting.

There's also a technical hurdle here due to the way that functions are
(currently) disabled.  It's INI_SYSTEM because enabling/disabling on a
per-request (per vhost essentially means per request) basis means a
lot more heavy lifting than disabling on a system-wide level (we just
replace the function implementation in the global table with a STFU
message).

func->handler = ZEND_FN(display_disabled_function);


> - support of wildcards in these 2 directives.
>
I could potentially get down with wildcards.  It's way easier to
exhaustively cover an entire class of functions, but if the goal is to
disable an entire extension's worth of functions, wouldn't one
just.... not load that extension?

I understand this part makes more sense with the `enable_functions`
idea, but... see above.

-Sara

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
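
The handler swap described in the message above, as a toy model in C. This is an added example, not code from the message or from PHP's source: the table, the stub message, the saved field and restore_all() are assumptions, used to show why a per-request toggle needs more work than a single overwrite at startup.

```c
#include <stdio.h>
#include <string.h>

/* Toy model (not PHP source): one process-wide table shared by all requests. */
typedef const char *(*handler_t)(void);
struct func_entry { const char *name; handler_t handler; handler_t saved; };

static const char *fn_exec(void)       { return "exec ran"; }
static const char *fn_strlen(void)     { return "strlen ran"; }
static const char *disabled_stub(void) { return "disabled"; } /* constructed message */

static struct func_entry table[] = {
    { "exec", fn_exec, NULL }, { "strlen", fn_strlen, NULL },
};
#define NFUNCS (sizeof table / sizeof table[0])

static struct func_entry *lookup(const char *name, size_t len) {
    for (size_t i = 0; i < NFUNCS; i++)
        if (strlen(table[i].name) == len && strncmp(table[i].name, name, len) == 0)
            return &table[i];
    return NULL;
}
/* Overwrite the handler of each name in a comma-separated list; returns count. */
static int disable_functions(const char *list) {
    int n = 0;
    while (*list) {
        size_t len = strcspn(list, ",");
        struct func_entry *f = lookup(list, len);
        if (f && f->handler != disabled_stub) {
            f->saved = f->handler;   /* hypothetical: only needed for per-request undo */
            f->handler = disabled_stub;
            n++;
        }
        list += len;
        if (*list == ',') list++;
    }
    return n;
}
/* Hypothetical per-request cleanup: each request end must walk and restore. */
static void restore_all(void) {
    for (size_t i = 0; i < NFUNCS; i++)
        if (table[i].saved) { table[i].handler = table[i].saved; table[i].saved = NULL; }
}
static const char *call(const char *name) {
    struct func_entry *f = lookup(name, strlen(name));
    return f ? f->handler() : "undefined";
}
int main(void) {
    disable_functions("exec");                    /* set while serving vhost A */
    printf("vhost B exec: %s\n", call("exec"));   /* still disabled: table is global */
    restore_all();
    printf("after restore: %s\n", call("exec"));
    return 0;
}
```

Without the saved pointer and the restore pass, a function disabled for one request stays disabled for every later request served by the same process.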
