Hey man, if you can't stand the heat, get out of the freakin sun. Atleast PHP tells you about holes, not like Microsoft who will fix it six months down the line (if they even admit a hole exists). Plus, if your running anything past 4.1.2 on production systems, it's your own damn fault because several times it has been said that the 4.2 series wasn't considered safe for production use. And by the way, don't want to use PHP anymore because of this? Then don't. PHP doesn't need you, the rest of the people who can handle an update without whining will be fine.
Adam Voigt [EMAIL PROTECTED] On Mon, 2002-07-22 at 12:55, Greg Donald wrote: > On Mon, 22 Jul 2002, Marko Karppinen wrote: > > > PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 > > Not only did I get to re-write all my apps the past few months because of > the new register_globals default that was imposed by `the php group`... > > Now I get to upgrade my PHP install once a month or so cause of new > security holes.. Yay! > > Wasn't this new register_globals setting supposed to enhance security? > > How would you like to be a sys admin with dozens of machines to upgrade > before you can proceed with anythign else? > > Can anyone say Ruby? > > > -- > Greg Donald > http://destiney.com > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php