Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:116872
Return-Path: <kjarli@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 8798 invoked from network); 12 Jan 2022 07:21:29 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 12 Jan 2022 07:21:29 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 7784F1804B4
	for <internals@lists.php.net>; Wed, 12 Jan 2022 00:30:39 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_20,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <kjarli@gmail.com>
Received: from mail-il1-f172.google.com (mail-il1-f172.google.com [209.85.166.172])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed, 12 Jan 2022 00:30:39 -0800 (PST)
Received: by mail-il1-f172.google.com with SMTP id o20so1673751ill.0
        for <internals@lists.php.net>; Wed, 12 Jan 2022 00:30:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=AwV3SeaWo/kmBvaQ2NYVKC9CU8FPGCM/pqmdIS4KjBU=;
        b=ChOiqFN52cL+pNOtV7NPgoPLd88DQROe8m8cs3SOIYnqiTlLcQJzAJZKQrdX0Rp0kR
         pCFwdzZ8AC/pcPmDRdLP1V9+kUnJH7baBk0fMMyedkJnkKf4hNo4DXqW3cQ8CMV7b8PF
         lVKWJHYN/4IFtdrtVhUo5SnqtGUvZ27hDcILjVb9BTi6YxgoQ2oXzf6M0l2RxZdPsguU
         b46uLOViUu9p8TBM8+S4Xsvw8FjuIdhlhQQ8fVDovgSdK0bcK24075S+e6S8vRRH/It4
         q8SuiUHyheQ2BeU9KZLj3OsuNXuxVqVPosSmfjBdT2hDQ1bNBL77Js19HXcZfMCDM9ag
         zcPQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=AwV3SeaWo/kmBvaQ2NYVKC9CU8FPGCM/pqmdIS4KjBU=;
        b=lvOqV1E5dC1pqIIaBz6M6dwdl0KJSxsgGzE1xkHufCoWK/tJQ1AjhVHRIkpkUnpz1e
         wkmDa/6mNbLZP7dmd10Zwa4WNH+eemTRouvb5V0fd6HKohtgacgT1bzDUaxXCN5QC9yr
         liR2kF4z8x/Vmx4UvdCLh2FQhoB9b7sqj4cbZc4Dh8n1+061DXS6lc+vKr2Q22f0G+jU
         cQlTRnDo+34h/pQt9OXk2go+fnUl11xbprSER7nTJK27O76prYj85E6t8Obv4m/d33v4
         7tRTRyx6NvrhmTB4Zx0hl7T1bUd3mQN5hPMNAhf/FxcoJ8dJ3JuS9QIOXrHVU+uP99S6
         7qhg==
X-Gm-Message-State: AOAM5336xjz6lu8e9ql6BP9SxXDq0zFLMBLjbsUKSC9g/JFQm77S8Pjd
	dypUgKcZW2hs0hrFPY180CB+EiCINxG4VrfuV95O1386
X-Google-Smtp-Source: ABdhPJzI/+Fl+8NgNxzu+Z660CAbABvVw1lPtDx8x37KXsK7bsdYx4k2As0XR7MFbEgP5yEkB99uWqoruqHV6InNNcI=
X-Received: by 2002:a05:6e02:1052:: with SMTP id p18mr4320616ilj.293.1641976238587;
 Wed, 12 Jan 2022 00:30:38 -0800 (PST)
MIME-Version: 1.0
References: <ded42b3e-3149-1192-0f86-07715fcb7a3e@woltlab.com>
 <CANS-=pfqDBtfOtbfFWHzB_8eStBWQN5vTDGFe=ehG8B6j3axyw@mail.gmail.com> <70323155-337c-08c1-47c1-1d11fa6e86f8@woltlab.com>
In-Reply-To: <70323155-337c-08c1-47c1-1d11fa6e86f8@woltlab.com>
Date: Wed, 12 Jan 2022 09:30:13 +0100
Message-ID: <CANS-=pe01is8HMm-FZVJdTGPq7X_jZnn6dJ-yEO1=+tOUwy5BQ@mail.gmail.com>
To: =?UTF-8?Q?Tim_D=C3=BCsterhus=2C_WoltLab_GmbH?= <duesterhus@woltlab.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="0000000000006e42a805d55e6266"
Subject: Re: [PHP-DEV] RFC [Discussion]: Redacting parameters in back traces
From: kjarli@gmail.com (Lynn)

--0000000000006e42a805d55e6266
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, Jan 12, 2022 at 9:17 AM Tim D=C3=BCsterhus, WoltLab GmbH <
duesterhus@woltlab.com> wrote:

> Hi Lynn
>
> On 1/11/22 11:23 AM, Lynn wrote:
> > One possible addition; would it be possible to analyze the masked value=
s
> > and mask any 100% matches elsewhere?
>
> No, this is not in scope for this RFC, as it would require accurate
> tracking of variable contents across reassignments and possibly function
> calls.
>
> My understanding is that this basically would require support for
> tainted variables, i.e. this very old RFC: https://wiki.php.net/rfc/taint


 I was thinking more of a "keep track of the values replaced, and in the
end purge all those values from the end-result" kinda thing.

--0000000000006e42a805d55e6266--