Newsgroups: php.internals
Date: Fri, 20 Sep 2024 10:28:46 -0700 (PDT)
From: dennis.snell@automattic.com (Dennis Snell)
To: Arvids Godjuks
Cc: Hammed Ajao, Rob Landers, Adam Zielinski, Mike Schinkel, PHP internals
Subject: Re: [PHP-DEV] Zephir, and other tangents

> On Sep 20, 2024, at 12:56 AM, Arvids Godjuks wrote:
>
> On Fri, 20 Sept 2024 at 09:17, Dennis Snell wrote:
>
>> Hi Hammed, thank you for taking the time to read through this and share your thoughts.
>>
>>> snip
>>>
>>> Cheers,
>>> Hammed
>>
>> Hope you have a nice weekend. Cheers.
>
> Hello everyone,
>
> I want to chip in here, since reading the thread led me into a state of cognitive dissonance.

Hi Arvīds, that sounds stressful. This is definitely a wavering thread, as noted by the “tangents” subject. As far as the email you’re replying to, the main point is that if PHP offered a way to embed safe native-like extensions in a sandbox, then lots of the pressure to add and maintain extensions would drop from the host and provider and enable the customers to manage that on their own, and open many doors for PHP. A WASM runtime engine inside PHP would be a viable path to get to that point.

> I've been in PHP world for a long time, about 3 years shy of how old WordPress is. When I'm reading "shared hosting" and "WASM" and knowing how managed hosting works, I have to ask: What type of la-la land is this conversation taking place in?
> All managed WordPress hosting is locked down hard. Extensions are very limited and everything that allows any type of freedom is disabled, functions are disabled en masse. I have to ask: knowing the history of the past 27 years, what managed hoster in their right mind and sanity will allow WASM to be enabled to bypass ____A L L _____ PHP security features and allow PHP code to do anything it wants? On a shared hosting... I seriously want to know the answer to this question, because I firmly believe there was zero risk and security assessment not only done, but it hasn't been even a twinkle in the eye.

These are good questions. The basic point of confusion might stem from what the security domain is for a WASM runtime. It’s actually precisely because of the concerns you raise that WASM is a candidate here, being sandboxed by default and unable to interact with the host system.

That is, a WASM extension not only can’t bypass any PHP security features, but it’s significantly more constrained than any PHP code is. Managed hosts are locked down largely because of the security concerns that are categorically not present with the system we’re discussing, so being able to offer more on their platforms without having to dedicate additional resources to it could be a nice selling point.

> On VPS/Dedicated you can run whatever you want, so you don't have the limitations.

I mentioned this in my email; I appreciate that many folks around here have full control over their infrastructure, but when building a platform like WordPress or any of the other PHP frameworks, we just don’t have the liberty of having that control. In any case, even some very large shops who write and manage their own PHP extensions are constantly on the hook for security issues and updates and breakages. I’m sure we’d do much more at Automattic to extend PHP if we could do so without the security, platform-dependency, and build issues involved in maintaining custom extensions.

> On another note - people have pointed out how big a body of work it is. If you want to sponsor WASM development for PHP, I suggest Automattic open their wallet and put in 2-3 million $ a year for the next 5-10 years to PHPFoundation and find devs who are capable and willing to do this job. Honestly, I think you might find people to want to do that rather than lack of money being the cause of it.

I’m not sure why you’re singling out Automattic, since nobody from Automattic started this thread or requested other people provide unfunded volunteer work, or why you’re expecting a single corporate entity to fully fund long-term planned features in the language. Is that how PHP normally grows? I’m not familiar with the process.

My goal in sharing here is to help better represent my own perspective of WordPress’ needs based on what I’ve seen. It’s long been on my list to propose a WASM RFC, but because I personally haven’t had the priority available to get an implementation working I haven’t done so. It’s my impression from the documentation that the purpose of these email threads w.r.t. RFCs is to gather interest and input before any RFC would be put together, to hold these discussions before anyone commits any major time to it.

> --
> Arvīds Godjuks
> +371 26 851 664
> arvids.godjuks@gmail.com
> Telegram: @psihius https://t.me/psihius

Warmly,
Dennis Snell

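The "sandboxed by default" point in the reply above, as an added illustration that is not part of the original message or of any PHP code: a WebAssembly guest reaches the host only through imports the host chooses to supply, and its memory reads are bounds-checked. It uses the WebAssembly API built into Node.js, since the PHP-embedded runtime discussed in the thread is only an idea; the module bytes and the names `host.open`, `run` and `peek` are constructed for this example.

```javascript
// Hand-assembled guest module (constructed for this example); WAT equivalent:
// (module
//   (import "host" "open" (func $open (result i32)))
//   (memory 1 1)
//   (func (export "run") (result i32) call $open)
//   (func (export "peek") (param i32) (result i32) local.get 0 i32.load))
const guestBytes = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, // magic + version
  0x01, 0x0a, 0x02, 0x60, 0x00, 0x01, 0x7f, 0x60, 0x01, 0x7f, 0x01, 0x7f, // types
  0x02, 0x0d, 0x01, 0x04, 0x68, 0x6f, 0x73, 0x74, // import section: "host"
  0x04, 0x6f, 0x70, 0x65, 0x6e, 0x00, 0x00,       //   "open", func type 0
  0x03, 0x03, 0x02, 0x00, 0x01,                   // two local functions
  0x05, 0x04, 0x01, 0x01, 0x01, 0x01,             // memory: exactly 1 page (64 KiB)
  0x07, 0x0e, 0x02, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01, // export "run"
  0x04, 0x70, 0x65, 0x65, 0x6b, 0x00, 0x02,       // export "peek"
  0x0a, 0x0e, 0x02, 0x04, 0x00, 0x10, 0x00, 0x0b, // code: run = call $open
  0x07, 0x00, 0x20, 0x00, 0x28, 0x02, 0x00, 0x0b, //       peek = i32.load
]);
const guestModule = new WebAssembly.Module(guestBytes);

// Everything the guest can ask of the host is declared up front as imports,
// so an operator can audit the list before running any guest code.
function requestedCapabilities() {
  return WebAssembly.Module.imports(guestModule).map((i) => `${i.module}.${i.name}`);
}

// Host grants nothing: linking fails and no guest instruction ever executes.
function linkWithoutGrant() {
  try {
    new WebAssembly.Instance(guestModule, { host: {} });
    return "linked";
  } catch (e) {
    return e instanceof WebAssembly.LinkError ? "LinkError" : String(e);
  }
}

// Host grants a function it fully controls, e.g. a policy stub that refuses.
function runWithPolicy(openImpl) {
  const guest = new WebAssembly.Instance(guestModule, { host: { open: openImpl } });
  return guest.exports.run();
}

// Reads past the guest's own linear memory trap instead of reaching host memory.
function peekOutcome(addr) {
  const guest = new WebAssembly.Instance(guestModule, { host: { open: () => -1 } });
  try {
    return guest.exports.peek(addr);
  } catch (e) {
    return e instanceof WebAssembly.RuntimeError ? "trap" : String(e);
  }
}

console.log(requestedCapabilities(), linkWithoutGrant(),
  runWithPolicy(() => -1), peekOutcome(0), peekOutcome(65536));
```

The isolation shown here is only as strong as the functions the host passes in: whatever an import such as `host.open` is allowed to do becomes part of the guest's attack surface.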