On Mon, 1 Nov 2004 01:19:54 +0300, Antony Dovgal <[EMAIL PROTECTED]> wrote:
> On Sun, 31 Oct 2004 10:46:28 -0800
> Sterling Hughes <[EMAIL PROTECTED]> wrote:
>
> > I still consider adding such things wrong
>
> Sterling, I still think that you can be right, but I'd
> like to hear some argument
On Sun, 31 Oct 2004 10:46:28 -0800
Sterling Hughes <[EMAIL PROTECTED]> wrote:
> I still consider adding such things wrong
Sterling, I still think that you can be right, but I'd
like to hear some arguments.
"This is wrong" or "this is silly" aren't too informative.
--
Wbr,
Antony Dovgal ak
I still consider adding such things wrong
-sterling
On Sat, 30 Oct 2004 15:51:12 +0400, Antony Dovgal <[EMAIL PROTECTED]> wrote:
> On Fri, 29 Oct 2004 16:26:08 +
>
>
> Curt Zirzow <[EMAIL PROTECTED]> wrote:
>
> > * Thus wrote Antony Dovgal:
> > > On Fri, 29 Oct 2004 01:04:23 -0700
> >
On Fri, 29 Oct 2004 16:26:08 +
Curt Zirzow <[EMAIL PROTECTED]> wrote:
> * Thus wrote Antony Dovgal:
> > On Fri, 29 Oct 2004 01:04:23 -0700
> > Sterling Hughes <[EMAIL PROTECTED]> wrote:
> >
> > > no curl does not need to respect php's safemode, adding such
> > > checks at this level is w
On Fri, 29 Oct 2004, Curt Zirzow wrote:
> * Thus wrote Antony Dovgal:
> > On Fri, 29 Oct 2004 01:04:23 -0700
> > Sterling Hughes <[EMAIL PROTECTED]> wrote:
> >
> > > no curl does not need to respect php's safemode, adding such
> > > checks at this level is wrong. people who compile curl, can
On Fri, 29 Oct 2004, Paul G wrote:
> and what happens in the (admittedly unlikely) case where something else on
> the same box depends on that feature being available in libcurl?
They can build two copies of cURL.
-adam
--
[EMAIL PROTECTED]
author of o'reilly's "upgrading to php 5" and "php co
- Original Message -
From: "Derick Rethans" <[EMAIL PROTECTED]>
To: "Adam Maccabee Trachtenberg" <[EMAIL PROTECTED]>
Cc: "Klaus Reimer" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, October 29, 2004 12:55 PM
Sub
On Fri, 29 Oct 2004, Adam Maccabee Trachtenberg wrote:
> On Fri, 29 Oct 2004, Klaus Reimer wrote:
>
> > Sterling Hughes wrote:
> > > no curl does not need to respect php's safemode, adding such
> > > checks at this level is wrong. people who compile curl, can do so
> > > without local file a
* Thus wrote Antony Dovgal:
> On Fri, 29 Oct 2004 01:04:23 -0700
> Sterling Hughes <[EMAIL PROTECTED]> wrote:
>
> > no curl does not need to respect php's safemode, adding such
> > checks at this level is wrong. people who compile curl, can do so
> > without local file access, and this will
On Fri, 29 Oct 2004 11:13:33 +0200 (CEST), in php.internals
[EMAIL PROTECTED] (Derick Rethans) wrote:
>Myth: Safe mode makes a PHP installation safe.
>Wrong! It might make it a bit safer, but there is always a possibility
>to work around it.
On the other hand, I think it's a pity not to freshen u
On Fri, 29 Oct 2004, Klaus Reimer wrote:
> Sterling Hughes wrote:
> > no curl does not need to respect php's safemode, adding such
> > checks at this level is wrong. people who compile curl, can do so
> > without local file access, and this will solve their problem.
>
> What about people who
Derick Rethans wrote:
Myth: Safe mode makes a PHP installation safe.
I never said this.
webserver, not of a scripting language and therefore we shall not put
hacks in extensions because libraries do not adhere to safe mode.
If there IS a possibility to make safe-mode a little bit more secure why
On Fri, 29 Oct 2004, Klaus Reimer wrote:
> Safe-mode is a feature of PHP so PHP should make sure that this feature
> is working with all functions included in PHP if it's possible to secure
> the function (otherwise the user must disable it). And there is already
> a patch to do it, so it seems to
Sterling Hughes wrote:
no curl does not need to respect php's safemode, adding such
checks at this level is wrong. people who compile curl, can do so
without local file access, and this will solve their problem.
What about people who use precompiled packages like the Debian packages?
They do
On Fri, 29 Oct 2004 01:04:23 -0700
Sterling Hughes <[EMAIL PROTECTED]> wrote:
> no curl does not need to respect php's safemode, adding such
> checks at this level is wrong. people who compile curl, can do so
> without local file access, and this will solve their problem.
agree, curl doesn'
On Fri, 29 Oct 2004 10:51:49 +0400
Antony Dovgal <[EMAIL PROTECTED]> wrote:
> On Thu, 28 Oct 2004 12:07:50 -0400
> Sean Coates <[EMAIL PROTECTED]> wrote:
>
> > Is this legitimate?
> > I took a (very) quick look at bugs, and didn't see it.
>
> you can find patches for all branches in attachment.
no curl does not need to respect php's safemode, adding such
checks at this level is wrong. people who compile curl, can do so
without local file access, and this will solve their problem.
On Fri, 29 Oct 2004 10:51:49 +0400, Antony Dovgal <[EMAIL PROTECTED]> wrote:
> On Thu, 28 Oct 2004 12:
On Thu, 28 Oct 2004 12:07:50 -0400
Sean Coates <[EMAIL PROTECTED]> wrote:
> Is this legitimate?
> I took a (very) quick look at bugs, and didn't see it.
you can find patches for all branches in attachment.
comments are welcome.
--
Wbr,
Antony Dovgal aka tony2001
[EMAIL PROTECTED] || [EMAIL PROT
18 matches
Mail list logo
