On Wed, Mar 23, 2016 at 5:38 AM, Matt Wilmas
wrote:
> Hi Dmitry,
>
> - Original Message -
> From: "Dmitry Stogov"
> Sent: Tuesday, March 22, 2016
>
> Commit:d8b75b0807a5d94bd7b6b175d56aba8bc5be8d7a
>> Author:Dmitry Stogov Tue, 22 Mar 2016
>> 23:57:26 +0300
>> Parents: 7
Hi!
> Offending features may be disabled/changed by INI settings. I think it ok
> to say pretty much no BC issue.
I think this approach will lead us into problems. "It may be disabled by
INI setting" does not mean the problem does not exist (and btw not
everything that changes can be disabled AFA
Hi Stas,
On Thu, Mar 24, 2016 at 5:44 AM, Stanislav Malyshev wrote:
>> Offending features may be disabled/changed by INI settings. I think it ok
>> to say pretty much no BC issue.
>
> I think this approach will lead us into problems. "It may be disabled by
> INI setting" does not mean the problem
Hi all,
On Sun, Feb 14, 2016 at 9:49 AM, Yasuo Ohgaki wrote:
> It's been long time since the first proposal. Since session
> module is important module for Web apps, I would like to
> hear opinions for this RFC once again before vote.
>
> RFC
> https://wiki.php.net/rfc/precise_session_management
Hi all,
Since the vote for
https://wiki.php.net/rfc/precise_session_management
is declined 15 vs 11.
https://wiki.php.net/rfc/precise_session_management#vote
We have to come up with other solutions for
- Session loss by race conditions
- Method to make session abuse harder
I'm open to impleme
On Thu, Mar 24, 2016 at 11:26 AM, Yasuo Ohgaki wrote:
> On Sun, Feb 14, 2016 at 9:49 AM, Yasuo Ohgaki wrote:
>> It's been long time since the first proposal. Since session
>> module is important module for Web apps, I would like to
>> hear opinions for this RFC once again before vote.
>>
>> RFC
>
Hi all,
On Thu, Mar 24, 2016 at 11:34 AM, Yasuo Ohgaki wrote:
> We have to come up with other solutions for
>
> - Session loss by race conditions
> - Method to make session abuse harder
I'll explain how attacker can steal PHP sessions forever with current
session module. There are multiple ser
