Hi,
It sounds cool, indeed.
The obvious question now is: how it performs with real-world applications?
Have you been able to identify security bugs (either new or already known)?
I don't have time to perform these tests myself, but I would love to see
some results.
Regards,
Nuno
----- Original Message -----
From: "Wietse Venema" <[EMAIL PROTECTED]>
To: <internals@lists.php.net>
Sent: Friday, November 02, 2007 8:44 PM
Subject: [PHP-DEV] Preliminary PHP taint support available
A preliminary implementation of PHP taint support is available from
ftp://ftp.porcupine.org/pub/php/ This code is released under version
2.00 of the Zend license.
Below are fragments from the README file. For the full text please see
ftp://ftp.porcupine.org/pub/php/php-5.2.3-taint-20071102.README.html
This file also has information about using taint in real applications,
about run-time performance, and about changes within the PHP core.
Most of all, your feedback is welcome, so that I can make this code
as easy to use and as performant as possible.
Wietse Venema
IBM Research
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
