Re: [PHP] suhosin and 5.4 onwards

2013-08-03 Thread Res
On 03/08/2013 18:50, Lester Caine wrote: Practical experience is that suhosin does not actually work with 5.4? Not without _unofficial_ patch(es), see attached for sessions; if it doesn't go through on list you can find the patch on GitHub. I've had to disable it because of problems with sess

Re: [PHP] suhosin and 5.4 onwards

2013-08-03 Thread Lester Caine
Nick Edwards wrote: So, is the general opinion here, from actual "factual experience" and not because you read the same trashy bloggers as I did, in agreeance? Is it genuinely true that suhosin is now irrelevant with 5.4 upwards and PHP is now much safer on its own? Practical experience is

Re: [PHP] suhosin and 5.4 onwards

2013-08-03 Thread Daniel
Well, I do not use suhosin as I can lock down PHP with things like disable_function, disable_classes along with more advanced functions such as chroot and mod_security. On 8/3/13, Nick Edwards wrote: > Ok, so I know this might start flame wars, but... here goes ;) > > It seems suhosin is dead as fa

[PHP] suhosin and 5.4 onwards

2013-08-02 Thread Nick Edwards
Ok, so I know this might start flame wars, but... here goes ;) It seems suhosin is dead as far as 5.4 goes. Now, some make allegations that it is no longer needed since PHP has allegedly incorporated much of its safeguards, but these claims are from self-proclaimed experts (a term I use very loo