On Thu, Jul 15, 2010 at 4:27 AM, Larry Garfield la...@garfieldtech.com wrote:
On Wednesday 14 July 2010 03:22:30 pm Dirk Haun wrote:
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
I've
Pierre Joye wrote:
On Thu, Jul 15, 2010 at 4:27 AM, Larry Garfieldla...@garfieldtech.com wrote:
On Wednesday 14 July 2010 03:22:30 pm Dirk Haun wrote:
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened
On 7/13/10 11:53 PM, Reindl Harald wrote:
Sorry but if the same webserver binary is running php5 with the same vhosts
on the same machine and only one php-version does funny things why
does anybody start a foolish discussion where the problem is?
Could you please drop it. That bug was found
Am 14.07.2010 08:58, schrieb Rasmus Lerdorf:
On 7/13/10 11:53 PM, Reindl Harald wrote:
Sorry but if the same webserver binary is running php5 with the same vhosts
on the same machine and only one php-version does funny things why
does anybody start a foolish discussion where the problem is?
On Wed, Jul 14, 2010 at 9:00 AM, Reindl Harald h.rei...@thelounge.net wrote:
No problem if you tell the other idiots which are thinking
i should read the documentation that the should be quiet
Stop to insult every second person on this list. You are not in the
Bahnhof Cafe here, some respect
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
I've been wondering for a while now if much of the emotional reaction to bugs
being closed as bogus is due to that very word. I mean, the
On Wednesday 14 July 2010 03:22:30 pm Dirk Haun wrote:
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
I've been wondering for a while now if much of the emotional reaction to
bugs
On 15 July 2010 04:22, Dirk Haun d...@haun-online.de wrote:
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
I've been wondering for a while now if much of the emotional reaction to bugs
2010/7/14 Dirk Haun d...@haun-online.de:
Am 13.07.2010 um 17:12 Uhr schrieb Ferenc Kovacs:
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
I've been wondering for a while now if much of the emotional reaction to bugs
being closed as
2010/7/12 Reindl Harald h.rei...@thelounge.net:
Jesus christ I AM THE ADMIN TOO and i have no time to
to the sysadminjob
Congratulations, you just pinpointed the problem yourself.
Patrick
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit:
Am 13.07.2010 11:10, schrieb Patrick ALLAERT:
2010/7/12 Reindl Harald h.rei...@thelounge.net:
Jesus christ I AM THE ADMIN TOO and i have no time to
to the sysadminjob
Congratulations, you just pinpointed the problem yourself.
What do you try me to say?
Other admins are not interested as i
On 13.07.2010, at 13:18, Reindl Harald wrote:
In the case of php it seems every user input it thrown away
like i have seen in no other project before
You have suggested that someone do something for you, yet you have chosen to
ignore suggestions how you could do the same thing yourself.
Am 13.07.2010 13:40, schrieb Pierre Joye:
Did you ever run PHP RCs and reported issues?
Dong so will free us some time and helps to reduce
the time to release.
I did, even with a automatic snaphsot-build-system on my homeserver
But after repeatly set bugreports as bogus and reopening
after
Most of the time local exploits are not as bad as it seems. You can do
things in plain PHP witch will just hang the server, like make a
script that uses a ton of memory or opens a lot of files, does spam,
etc. It's a programming language, it's job to execute scripts (now
days a size of a good
hi,
On Tue, Jul 13, 2010 at 1:50 PM, Reindl Harald h.rei...@thelounge.net wrote:
http://bugs.php.net/bug.php?id=42836
The answer was clear, it is a default comment we use instead of RTFM.
bugs.php.net is not meant to be a support channel. We don't have the
time/resource to do so (while some of
Am 13.07.2010 14:29, schrieb Pierre Joye:
hi,
On Tue, Jul 13, 2010 at 1:50 PM, Reindl Harald h.rei...@thelounge.net wrote:
http://bugs.php.net/bug.php?id=42836
The answer was clear
WHAT is here clear?
Someone is closing a bugreport without understanding the problem
it is a default
hi,
On Tue, Jul 13, 2010 at 2:52 PM, Reindl Harald h.rei...@thelounge.net wrote:
Am 13.07.2010 14:29, schrieb Pierre Joye:
hi,
On Tue, Jul 13, 2010 at 1:50 PM, Reindl Harald h.rei...@thelounge.net
wrote:
http://bugs.php.net/bug.php?id=42836
The answer was clear
WHAT is here clear?
- php6 is dead as of now
This was not so as i wrote the bugreport and is not related
RTFM is the wrong answer to a bug, every time, every where
- open_basedir is not per directory, except if the new setting is more
- restrictive that the system one. As documented.
Again what will you try me
I would simply comment a non angry reply to explain why the bug was
valid. That's the way to go. I have no idea (nor I want to know) what
you discussed with Jani, but one thing is sure, 99% of the bugs we
process are doing with care and respect.
http://bugs.php.net/50255
jani tends to
On Tue, Jul 13, 2010 at 11:12, Ferenc Kovacs i...@tyrael.hu wrote:
btw: why can't we see the status changes in the Changes tab at the bugreports?
it would be an interesting to check how many bugs were first marked as
bogus then re-opened and fixed.
You can check here to see the email
On 13 July 2010 23:12, Ferenc Kovacs i...@tyrael.hu wrote:
http://bugs.php.net/50255
jani tends to close bugs without much reading.
Honestly, Jani's... uh, unique approach was a large part of why I've
tried to get a little more involved in bug triage work in the last
year. The point is that
Hello,
On 2010.07.13. 15:24, Reindl Harald wrote:
- php6 is dead as of now
This was not so as i wrote the bugreport and is not related
RTFM is the wrong answer to a bug, every time, every where
- open_basedir is not per directory, except if the new setting is more
- restrictive that the
Am 12.07.2010 15:29, schrieb Rasmus Lerdorf:
Even for small sites, you can get your own VM from Rackspace
Cloud for about $10/month or from linode or any number of providers
where you are not sharing your PHP environment with anyone.
-Rasmus
This is no argument because the most
On 7/12/10 6:35 AM, Reindl Harald wrote:
Am 12.07.2010 15:29, schrieb Rasmus Lerdorf:
Even for small sites, you can get your own VM from Rackspace
Cloud for about $10/month or from linode or any number of providers
where you are not sharing your PHP environment with anyone.
-Rasmus
This
On Mon, 2010-07-12 at 15:35 +0200, Reindl Harald wrote:
Am 12.07.2010 15:29, schrieb Rasmus Lerdorf:
Even for small sites, you can get your own VM from Rackspace
Cloud for about $10/month or from linode or any number of providers
where you are not sharing your PHP environment with anyone.
It would be really relaxter if there are easy patches
available which i could use in rpm-spec-file in a way
like the following - the orinial source-tarball is
unchanged and rpmbuild applys the patches diectly before
build
We are rebuilding php on our own based on fedora-srpm
and so this could be
On Mon, Jul 12, 2010 at 03:50:19PM +0200, Reindl Harald wrote:
It would be really relaxter if there are easy patches
available which i could use in rpm-spec-file in a way
like the following - the orinial source-tarball is
unchanged and rpmbuild applys the patches diectly before
build
while a
Am 12.07.2010 21:16, schrieb Lukas Kahwe Smith:
I am sorry but I think you have to accept that this service will not be
provided
by php.net (for which version of PHP should be release the security patches)
It would be really nice to think about any automatic way to generate
them for latest
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's VERY bad to schedule thmen always only with
the normal bugfixes and also on production servers
it can not be recommended to backport
On 7/10/10 2:32 PM, Reindl Harald wrote:
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's VERY bad to schedule thmen always only with
the normal bugfixes and also on production
Am 10.07.2010 23:52, schrieb Rasmus Lerdorf:
On 7/10/10 2:32 PM, Reindl Harald wrote:
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's VERY bad to schedule thmen always only with
On 7/10/10 3:17 PM, Reindl Harald wrote:
Am 10.07.2010 23:52, schrieb Rasmus Lerdorf:
On 7/10/10 2:32 PM, Reindl Harald wrote:
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's
Am 11.07.2010 00:29, schrieb Rasmus Lerdorf:
On 7/10/10 3:17 PM, Reindl Harald wrote:
What is enough on shared hosting because there are many ways
to trigger local exploits. If there is ANY eval-injection
in a for the admin unkown script you heave a full remote-exploit
Shared hosts need to
On 7/10/10 3:34 PM, Reindl Harald wrote:
Am 11.07.2010 00:29, schrieb Rasmus Lerdorf:
On 7/10/10 3:17 PM, Reindl Harald wrote:
What is enough on shared hosting because there are many ways
to trigger local exploits. If there is ANY eval-injection
in a for the admin unkown script you heave a
Am 11.07.2010 00:39, schrieb Rasmus Lerdorf:
We do fix them, but we don't have the capacity to do point releases for
every local exploit fix. We simply don't have enough people to do that.
A shared host who is worried about local exploits need to take other
measures because most of the
On 2010-07-10, at 7:00 PM, Reindl Harald wrote:
I understand this well
Then perhaps you can volunteer to help speed up the release process.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
On 7/10/10 4:00 PM, Reindl Harald wrote:
Am 11.07.2010 00:39, schrieb Rasmus Lerdorf:
We do fix them, but we don't have the capacity to do point releases for
every local exploit fix. We simply don't have enough people to do that.
A shared host who is worried about local exploits need to
37 matches
Mail list logo