Ok, so I know this might start flame wars, but... here goes ;) It seems suhosin is dead as far as 5.4 goes, now, some make allegations that it is no longer needed since php has allegedly incorporated much of its safe guards, but these claims are from self proclaimed experts (a term i use very loosley) on forums and blogs.
So, is the general opinion here, from actual "factual experience" and not because you read the same trashy bloggers as I did, in agreeance? is it genuinely true that suhosin is now irrelevant with 5.4 upwards and php is now much safer on its own? We have always appreciated its work to stop plugins and so forth escaping local jails by example open_base or some other lock-down type setting, plus injections and so forth. if php has incorporated such, thats fine, but I have no idea where to turn to ask for factual information on this, so I'm asking here and hope that a dev or someone in the inner circle knows the facts, and not rumours or sumizes, or a tleast more facts than half the self appointed gurus claim :) Thanks Nikki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php