Ok, so I know this might start flame wars, but... here goes ;)

It seems suhosin  is dead as far as 5.4 goes, now, some make
allegations that it is no longer needed since php has allegedly
incorporated much of its safe guards, but these claims are from self
proclaimed experts (a term i use very loosley) on forums and blogs.

So, is the general opinion here, from actual "factual experience"  and
not because you read the same trashy bloggers as I did,  in agreeance?
 is it genuinely true that suhosin is now irrelevant with 5.4 upwards
and php is now much safer on its own?

We have always appreciated its work to stop plugins and so forth
escaping local jails by example   open_base  or some other lock-down
type setting, plus injections and so forth.

if php has incorporated such, thats fine, but I have no idea where to
turn to ask for factual information on this, so I'm asking here and
hope that a dev or someone in the inner circle knows the facts, and
not rumours or sumizes, or a tleast more facts than half the self
appointed gurus claim :)


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to