Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:33073 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 85613 invoked by uid 1010); 10 Nov 2007 04:32:14 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 85594 invoked from network); 10 Nov 2007 04:32:14 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 10 Nov 2007 04:32:14 -0000 Authentication-Results: pb1.pair.com header.from=david.coallier@gmail.com; sender-id=pass; domainkeys=bad Authentication-Results: pb1.pair.com smtp.mail=david.coallier@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.146.179 as permitted sender) DomainKey-Status: bad X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 X-PHP-List-Original-Sender: david.coallier@gmail.com X-Host-Fingerprint: 209.85.146.179 wa-out-1112.google.com Received: from [209.85.146.179] ([209.85.146.179:32799] helo=wa-out-1112.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 10/E9-24268-C4435374 for ; Fri, 09 Nov 2007 23:32:12 -0500 Received: by wa-out-1112.google.com with SMTP id l24so896973waf for ; Fri, 09 Nov 2007 20:32:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; bh=1wvHHI0lf64E7IkoQH7y3OCCfMX1NwVMs8mtYrbMm6o=; b=SH1+M4oBgpOZc2Xa0fUiKxMxaahVibuZw5Mm4InaF8BByZ/N48J3//tJHkJOE8/5y7mt4FgrUNb+0YPLIwwvYZ68m0dIoi4iG0CCbh39Iaz3EAcvSbL0en3Inzho39uB08yCeU0dKl1s4FpEdyGcL/2xubIivwPI9iAAZttnenU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=Vg+3L6tzJPA9X7Xej525SZ2yBr5LxjrlUP4U02uIiSc018PEan+L9HuYaoEVLZYjh0NfsKngyljB3PAOFWIZmh+vCV3bn+XDuxgpkwiAFvCu8UNTsCtgpKe8l/y4lgbSB5plYHl4FvTUZQBNWrdaE/0A49uIJQnScw/bWHaoAZU= Received: by 10.143.33.19 with SMTP id l19mr417863wfj.1194669121410; Fri, 09 Nov 2007 20:32:01 -0800 (PST) Received: by 10.143.41.16 with HTTP; Fri, 9 Nov 2007 20:32:01 -0800 (PST) Message-ID: Date: Fri, 9 Nov 2007 23:32:01 -0500 Sender: david.coallier@gmail.com To: "PHP Internals" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Google-Sender-Auth: 38a152c8877bf55b Subject: Question about Core inclusion From: david.coallier@nyphp.com ("David Coallier") Hey there all, over the past few days I was thinkering over something that I consider could be a good addition to the core or actually to the php distribution. PhpSecInfo, the project by Ed Finkler. I was thinking in making that an extension that we could distribute with the distribution so the same way someone has access to phpinfo() he'd have access to phpsecinfo(); to show all the security warnings from it's php.ini and server settings. So my question is, is the effort worth it or it's sure to be refused ? If people seem interested that's cool, if not that's cool too. I just thought it might be a great way to help people resolve some "simple" security problems due simply to their configuration. Let me know what you all think, Thanks, D