Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:103586
Return-Path: <php@golemon.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 27407 invoked from network); 11 Dec 2018 19:52:47 -0000
Received: from unknown (HELO mail-qt1-f181.google.com) (209.85.160.181)
  by pb1.pair.com with SMTP; 11 Dec 2018 19:52:47 -0000
Received: by mail-qt1-f181.google.com with SMTP id k12so16998155qtf.7
        for <internals@lists.php.net>; Tue, 11 Dec 2018 08:19:57 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=Yh3jcgfzMIjlrCJRqKcweedTBbuZeRRVb2RjZWb52OM=;
        b=q0omB4Cmv1nrKWrdMNr4VQ6QuIGnSN0Q1BRLFafCHvG3btK1WI0al+dsCqyxsSUeW9
         X4a+UV6r9vKjvwkURxEvoImd0FL7lBFrg/rR76XB6AaUiQogYgtAvnVM/+Tguc8wQTeB
         bt0KY73GQMetEpMLloCv16XKg1TLZUMIS8XHsozGLdfvVPjDyn2D5H1dkrbupmi9/LME
         eHYr8Bt10pDuUgkRlsYteeknkYrsHHfDh4cMW497DIUvEWg4H4yQx1dB2CDVViSVSTow
         DsCf7xIpGlhLVQUBp/6CPHa1j1M3XwCQbTf1ovj8w7eXFNMrpv0p/lp1d91JYJl5O2bA
         zJOg==
X-Gm-Message-State: AA+aEWaUrdR11nqyqCPTc0KChF7W3yZoXKVJAVQ9s3r3YN9XiysmzsEq
	YJ2q2pAcpJOHQ05PzhCc6avVCZIVPt0XHf2hJZUUhw==
X-Google-Smtp-Source: AFSGD/WOtJtQm/FARQ7pWIyejDti8AzYHED34iBhJoaKKEgLmg3vBPpcVIRUBC/wDba5uJuoI7oWcP2vO+GcAKaEuNY=
X-Received: by 2002:aed:3b25:: with SMTP id p34mr16375928qte.310.1544545197494;
 Tue, 11 Dec 2018 08:19:57 -0800 (PST)
MIME-Version: 1.0
References: <BY1PR02MB126022AD4151506F6486D6A7BFA90@BY1PR02MB1260.namprd02.prod.outlook.com>
In-Reply-To: <BY1PR02MB126022AD4151506F6486D6A7BFA90@BY1PR02MB1260.namprd02.prod.outlook.com>
Date: Tue, 11 Dec 2018 10:19:46 -0600
Message-ID: <CAESVnVoPensNBBymLAEbqJ4PTDXKKwqBYLB9=ZkJU83CnXXZMA@mail.gmail.com>
To: Dmitry Stogov <dmitry@zend.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000d626f3057cc173a2"
Subject: Re: [PHP-DEV] [RFC] FFI - Foreign Function Interface
From: pollita@php.net (Sara Golemon)

--000000000000d626f3057cc173a2
Content-Type: text/plain; charset="UTF-8"

On Thu, Dec 6, 2018 at 9:54 AM Dmitry Stogov <dmitry@zend.com> wrote:

> I would like to start discussion of FFI RFC https://wiki.php.net/rfc/ffi
>
> I said this already privately, but I just want to repeat here in the
open.  This thing is DANGEROUS.  I know you know that. I'm not telling you,
I'm stating it for every casual reader of this list.  So while discussing
details of naming and calling conventions is important, my #1 concern is
how we avoid creating a potentially fatal situation for users.

I like the "ffi.enable=preload" idea you came up with.  I think that
addresses the actual needs that FFI is trying to solve without completely
opening the fire hose.  Big +2 to that idea.  (Although it's not expressed,
I'm assuming this is PHP_INI_SYSTEM as anything else would be silly)

I'm not super enthused by having "ffi.enable=true" even be an option, to be
quite honest.  For CLI, sure but the damage that can be wrought from a web
server exposed to the internet is non-trivial.  And I'm also going to let
my prejudice show: I don't trust someone who doesn't know how to write an
extension in C to use FFI.  Heck, I've seen some extensions that make me
wince pretty hard, but at least there I feel like they've had to do
something more thoughtful than copy-paste an example from stack overflow
and change a name or two without any concern for how an unmanaged language
works.

And for the record, since some of my tweetings have been misconstrued, I am
currently +1 on the idea as a whole. I just want flashing neon signage a
mile high and a heavy, even frustrating barrier to access.  The
consequences of being too lax are too high.

-Sara

--000000000000d626f3057cc173a2--