On Wed, August 22, 2007 3:31 pm, mike wrote:
>> I thing a good FAQ entry would be how this patch fits in with
>> Suhosin
>> and what are the comparable/conflicting concepts, are they
>> compatible
>> with each other etc.
>>
>> http://www.hardened-php.net/suhosin/a_feature_list.html
>>
>>
>> Both sy
On 8/22/07, Chris <[EMAIL PROTECTED]> wrote:
> I'm agreeing with the ideas behind Grasp & Suhosin - I'm just
> disagreeing with Daevid's comment about them only being for 'newbie'
> installations.
oh, most definately. i consider myself a very tight coder - but i'd
prefer to have them in my PHP ins
mike wrote:
On 8/22/07, Chris <[EMAIL PROTECTED]> wrote:
That's a completely wrong assumption. PhpBB has had a lot of
vulnerabilities in the past, as has php-nuke and other popular packages.
They've been around for years and not written by newbie's as far as I
know - but I don't have any link t
On 8/22/07, Chris <[EMAIL PROTECTED]> wrote:
> That's a completely wrong assumption. PhpBB has had a lot of
> vulnerabilities in the past, as has php-nuke and other popular packages.
>
> They've been around for years and not written by newbie's as far as I
> know - but I don't have any link to eith
Daevid Vincent wrote:
-Original Message-
From: mike [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 22, 2007 1:32 PM
I thing a good FAQ entry would be how this patch fits in
with Suhosin
and what are the comparable/conflicting concepts, are they
compatible
with each other etc.
On 8/22/07, M. Sokolewicz <[EMAIL PROTECTED]> wrote:
> because such options slow down the execution of every PHP script, even
> though "disabled".
compile time options wouldn't be much of a slowdown.
and in my mind, with CPU power being quite cheap, i could see it being
more valuable to have more
> -Original Message-
> From: mike [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 22, 2007 1:32 PM
>
> > I thing a good FAQ entry would be how this patch fits in
> with Suhosin
> > and what are the comparable/conflicting concepts, are they
> compatible
> > with each other etc.
> >
>
mike wrote:
I thing a good FAQ entry would be how this patch fits in with Suhosin
and what are the comparable/conflicting concepts, are they compatible
with each other etc.
http://www.hardened-php.net/suhosin/a_feature_list.html
Both systems are liable to appeal to the same sort of people so i
> I thing a good FAQ entry would be how this patch fits in with Suhosin
> and what are the comparable/conflicting concepts, are they compatible
> with each other etc.
>
> http://www.hardened-php.net/suhosin/a_feature_list.html
>
>
> Both systems are liable to appeal to the same sort of people so it
Ezequiel Gutesman wrote:
> CORE GRASP for PHP is a web-application protection software aimed at
> detecting and blocking injection vulnerabilities and privacy violations.
> As mentioned during its presentation at Black Hat USA 2007, GRASP is
> being released as open source under the Apache 2.0 lice
10 matches
Mail list logo