_____ From: Stanislav Malyshev [mailto:[EMAIL PROTECTED] I don't think they are "not important", just that they are not important enough to want them fixed no matter the cost. Running shared hosted server in a mode that relies on restricted code IMO is wrong anyway, and for non-shared environment these problems could be exploited only if specifically enabled by very badly written code. So when there's a trade-off between having the language work better for 100% of cases or protect those who run broken code on their servers - the choice would be to make language run better. Again, that doesn't mean bugs shouldn't be fixed - just the fix shouldn't make the situation worse.why not let the choise to the php user ? with configurable option ? if the user accept perfomance hit vs security, they configure the option... without run fast but without protection...
it's juste a idea... Mathieu
