On Mon, 22 Jul 2002, Greg Donald wrote:
> Not only did I get to re-write all my apps the past few months because of 
> the new register_globals default that was imposed by `the php group`...

You didn't have to. The choice was given to you, for your own good. If you 
have very disciplined programmers and a solid auditing process, you can 
still do just fine with register_globals on.

> Now I get to upgrade my PHP install once a month or so cause of new 
> security holes..  Yay!

Vastly preferable to the alternative: Brand X, where security holes go 
unpatched. The PHP group fixed the problem immediately.

> Wasn't this new register_globals setting supposed to enhance security?

Now there's a non-sequitur if ever I saw one. "What do you mean I have to
stop running across the freeway? I thought giving up smoking was supposed
to enhance my health."

> How would you like to be a sys admin with dozens of machines to upgrade 
> before you can proceed with anythign else?

I upgraded dozens of machines. It took about 10 minutes total.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to