Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:120911
Return-Path: <php-internals_nospam@adviesenzo.nl>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 51879 invoked from network); 15 Aug 2023 16:20:08 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 15 Aug 2023 16:20:08 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 3EEB01804F2
	for <internals@lists.php.net>; Tue, 15 Aug 2023 09:20:07 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: **
X-Spam-Status: No, score=2.6 required=5.0 tests=BAYES_05,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,NICE_REPLY_A,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_SOFTFAIL,STOX_BOUND_090909_B,T_SCC_BODY_TEXT_LINE autolearn=no
	autolearn_force=no version=3.4.2
X-Spam-ASN: AS36483 23.83.208.0/21
X-Spam-Virus: No
X-Envelope-From: <php-internals_nospam@adviesenzo.nl>
Received: from insect.birch.relay.mailchannels.net (insect.birch.relay.mailchannels.net [23.83.209.93])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Tue, 15 Aug 2023 09:20:06 -0700 (PDT)
X-Sender-Id: a2hosting|x-authuser|juliette@adviesenzo.nl
Received: from relay.mailchannels.net (localhost [127.0.0.1])
	by relay.mailchannels.net (Postfix) with ESMTP id 3FF446C290A
	for <internals@lists.php.net>; Tue, 15 Aug 2023 16:20:05 +0000 (UTC)
Received: from nl1-ss105.a2hosting.com (unknown [127.0.0.6])
	(Authenticated sender: a2hosting)
	by relay.mailchannels.net (Postfix) with ESMTPA id 52A4F6C2A43
	for <internals@lists.php.net>; Tue, 15 Aug 2023 16:20:04 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1692116404; a=rsa-sha256;
	cv=none;
	b=GRjOfAfZL4SNvyXdGe6/tXMgQc6vaSrnv+ly55JbcClvL/6FOSz6MmRnlb7KBBHXBUsR1u
	XMhoRdJHDYGOCGEbbeaRPumu+MzpjfT54llMTooZ+rZqzAYafZPjCisfGyZdfkgHXSLJk1
	kg3wziIYN6vinYumBYG37/K0a8ZBbMpLKX/pTURfyQ9TIzprTO6SiENhmP1gfq7wN8z+1z
	cyRdaehxJ4tdxYQECPhdBF58Ln3p968IlIn+7l05PJcEbA3VT0pbfUsqkXkkeFOqZ8IwiG
	Xn6oh+qoQGL4WAJWoSv4SIUSupFZAQwVdqf/l2KGdx9PhXJHlRFDtlP5TMde3A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=mailchannels.net;
	s=arc-2022; t=1692116404;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=LYlm+fY3hup/UKRNvor0SwBnvHIP2yJRV00jXosQ6lE=;
	b=ivmBnSmBLgCBD7Yj4iivEbNpIJMTFU2N6lp8Sa0A08xD85/mYB47p2ITffuNxVN9jSRYza
	jf1ot8+I3GD2YnHF1rHA8p122sB9ma9Zah8bSJw9AFGxPaYiv4hWNAIjqdwkIp9iV127Hi
	ZHiSC1gUyXN7gdPKpvLkOXnquRkUh7OYsGqBG/b6a3CQlXZSzoJT2IxNbpETj2WvjGIBP5
	7QhRaMXFQqpGe9jzNl2jB+n/XwQZ0dHAewzU+lH1ee+L4noDXHbvYIcMcJqMyFh6g+OmT7
	oDrlapQdzYcjcLfBuaWdfirUBrgZ9+ar5EKgZhADmjgey6pkNO1BwP1PTXeRvQ==
ARC-Authentication-Results: i=1;
	rspamd-849d547c58-7f4ld;
	auth=pass smtp.auth=a2hosting
 smtp.mailfrom=php-internals_nospam@adviesenzo.nl
X-Sender-Id: a2hosting|x-authuser|juliette@adviesenzo.nl
X-MC-Relay: Neutral
X-MailChannels-SenderId: a2hosting|x-authuser|juliette@adviesenzo.nl
X-MailChannels-Auth-Id: a2hosting
X-Keen-Befitting: 70b2872b04338d28_1692116405054_576458421
X-MC-Loop-Signature: 1692116405054:2258794690
X-MC-Ingress-Time: 1692116405054
Received: from nl1-ss105.a2hosting.com (nl1-ss105.a2hosting.com
 [85.187.142.69])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384)
	by 100.103.49.134 (trex/6.9.1);
	Tue, 15 Aug 2023 16:20:05 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=adviesenzo.nl; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date:
	Message-ID:From:References:To:Subject:Sender:Reply-To:Cc:
	Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
	List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
	bh=LYlm+fY3hup/UKRNvor0SwBnvHIP2yJRV00jXosQ6lE=; b=HybWmtT1q7fgADzs95vowX0fpm
	9/MowKfFCxmjxWgxq52b89k46sA2x9M50zhnmRvLBl0NRs+Ucnd1sWxKuyEp6atI4/duoGD4pFMxZ
	UylY39UNKfk7GvtB4GGd/83qvsxjH5DMaXNVba7l2YKlUKmb4WYVvohFDsdcXveWdfjw=;
Received: from [143.178.154.86] (port=62516 helo=[192.168.1.16])
	by nl1-ss105.a2hosting.com with esmtpsa  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <php-internals_nospam@adviesenzo.nl>)
	id 1qVwm4-008Ed9-0V
	for internals@lists.php.net;
	Tue, 15 Aug 2023 18:20:02 +0200
To: internals@lists.php.net
References: <CAFPFaMLBZixUFa=7=9Gxj60D=4QyfSpF9se-U+6CRoShzCrFrA@mail.gmail.com>
 <64DA7ACC.1050909@adviesenzo.nl>
 <CAJW__o0LaFdeZTbrXf_EKeNChBxkUiMDos6D_ekR3Wovfq1htg@mail.gmail.com>
Message-ID: <64DBA5B2.9060700@adviesenzo.nl>
Date: Tue, 15 Aug 2023 18:20:02 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.0
MIME-Version: 1.0
In-Reply-To: <CAJW__o0LaFdeZTbrXf_EKeNChBxkUiMDos6D_ekR3Wovfq1htg@mail.gmail.com>
Content-Type: multipart/alternative;
 boundary="------------090500080905060004020107"
X-AuthUser: juliette@adviesenzo.nl
Subject: Re: [PHP-DEV] Removing support for the disable_classes INI setting
From: php-internals_nospam@adviesenzo.nl (Juliette Reinders Folmer)

--------------090500080905060004020107
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

On 15-8-2023 3:43, Kalle Sommer Nielsen wrote:
> Hi
>
> Den man. 14. aug. 2023 kl. 22.05 skrev Juliette Reinders Folmer
> <php-internals_nospam@adviesenzo.nl>:
>> Hi George,
>>
>> For what its worth: in my experience, the `disable_classes` and
>> `disable_functions` ini directives are mostly used by hosting companies
>> providing shared/virtual host environments and, most often for those
>> environments, not editable by their users via a control panel or nor do
>> these users have (edit) access to the php.ini file.
>>
>> Declaring an ini directive in the php.ini file which has been removed
>> will instantly cause a fatal error on starting PHP, so I wonder what the
>> impact will be when a user switches PHP version (which they often can
>> choose to do via a control panel).
> This depends on whether we choose to explicitly mark the ini directive
> as one such. As the original implementor of that logic, it was meant
> as an upgrade tool for PHP 5.3.0 when we also reorganized the php.ini
> files, rather than have developers just copy over their old,
> non-working files over to cause unexpected features to still be
> available.
>
> So there is always the option to not enlist it there, though it would
> be ideal to do so to prevent developers from getting a false sense of
> "security", but that is just my personal take.
>
Ah, that explains it! Thanks for adding that context Kalle!

--------------090500080905060004020107--