* Zeev Suraski wrote:
> equivalent to shipping cars without brakes. You hope that the user would
> be bright enough to install brakes,
Hoping that is not enough. If you really change the
behaviour to ship PHP with register_globals to off,
then I suggest you should also ship some README_Security
or something similar where Kris writes a nice tutorial
about writing secure PHP applications. (This README_Security
should also be inserted into the Manual and all places where
it makes sense) Also, before doing "make install" a
"less README_Security" should be done by the makefile.
--
PHP Schulungen und | International PHP Conference
Schulungsmaterial: | 05. - 07.11.2001
http://thinkphp.de/ | Astron Hotel, Frankfurt
http://rent-a-phpwizard.de/schulungen.php | http://www.php-kongress.de/
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]