Hi! > Recently we voted on classification criteria for security bugs [1], we > include under "not an issue" any issue that "requires invocation of > specific code, which may be valid but is obviously malicious". > > I would like to add an explicit clause under the "not an issue" section for > anything related to FFI.
I agree, most of the issues with regard to FFI would not qualify as security issues, and we may as well state that explicitly. -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
