Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:14555 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 49821 invoked by uid 1010); 3 Feb 2005 02:24:19 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 49806 invoked from network); 3 Feb 2005 02:24:19 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 Feb 2005 02:24:19 -0000 X-Host-Fingerprint: 144.140.70.11 gizmo01bw.bigpond.com Linux 2.4/2.6 Received: from ([144.140.70.11:42179] helo=gizmo01bw.bigpond.com) by pb1.pair.com (ecelerity HEAD (r4105:4106)) with SMTP id 4E/B3-30841-15B81024 for ; Wed, 02 Feb 2005 21:24:18 -0500 Received: (qmail 22563 invoked from network); 3 Feb 2005 02:24:12 -0000 Received: from unknown (HELO bwmam02.bigpond.com) (144.135.24.72) by gizmo01bw.bigpond.com with SMTP; 3 Feb 2005 02:24:12 -0000 Received: from cpe-61-9-137-188.vic.bigpond.net.au ([61.9.137.188]) by bwmam02.bigpond.com(MAM REL_3_4_2a 17/61807669) with SMTP id 61807669; Thu, 03 Feb 2005 12:24:12 +1000 Message-ID: <42018B49.2030204@trickie.org> Date: Thu, 03 Feb 2005 13:24:09 +1100 User-Agent: Mozilla Thunderbird 1.0 (X11/20050111) X-Accept-Language: en-us, en MIME-Version: 1.0 To: internals@lists.php.net References: <5.1.0.14.2.20050201142816.026d21c0@localhost> <5.1.0.14.2.20050201111730.0299da70@localhost> <5.1.0.14.2.20050201111730.0299da70@localhost> <5.1.0.14.2.20050201142816.026d21c0@localhost> <5.1.0.14.2.20050201151955.02730ec0@localhost> <4200169A.6050905@lerdorf.com> <42001C1D.3090105@cschneid.com> <42001D7B.1040707@trickie.org> <420024EC.4080601@lerdorf.com> <4200457F.5080305@prohost.org> <42005629.3000905@lerdorf.com> <4200D48A.9070305@prohost.org> <42010045.20807@lerdorf.com> <12510140304.20050202223853@marcus-boerger.de> <42014F3B.5040607@lerdorf.com> <42018329.3010300@fission.org.uk> In-Reply-To: <42018329.3010300@fission.org.uk> X-Enigmail-Version: 0.90.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] PHP 5.1 From: php@trickie.org (Nick Loeve) Gareth Ardron wrote: > Rasmus Lerdorf wrote: > >> >> TCP/IP Firewalls break all sorts of applications as well until either >> the application is modified to poke a hole in the firewall itself via >> upnp, or you reconfigure the firewall. This makes firewalls >> annoying, but they are necessary. This is exactly the same thing. >> It is a data firewall for PHP. You don't have to use it, but people >> want it and need it. > > > I would think the difficulty would be in informing people that > functionality like this is only the start of good security. > > Maybe a proper, official, howto on PHP security should be drawn up The phpsec group started a project to do just that: http://www.phpsec.org/