Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:53122 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 22898 invoked from network); 7 Jun 2011 09:40:44 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Jun 2011 09:40:44 -0000 Authentication-Results: pb1.pair.com smtp.mail=h.reindl@thelounge.net; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=h.reindl@thelounge.net; sender-id=pass Received-SPF: pass (pb1.pair.com: domain thelounge.net designates 91.118.73.15 as permitted sender) X-PHP-List-Original-Sender: h.reindl@thelounge.net X-Host-Fingerprint: 91.118.73.15 mail.thelounge.net Windows 98 (1) Received: from [91.118.73.15] ([91.118.73.15:57237] helo=mail.thelounge.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id CA/F0-16914-A12FDED4 for ; Tue, 07 Jun 2011 05:40:43 -0400 Received: from [10.0.0.99] (rh.thelounge.net [10.0.0.99]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.thelounge.net (Postfix) with ESMTPSA id E0B0C98 for ; Tue, 7 Jun 2011 11:40:38 +0200 (CEST) Message-ID: <4DEDF216.6070308@thelounge.net> Date: Tue, 07 Jun 2011 11:40:38 +0200 Organization: the lounge interactive design User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110428 Fedora/3.1.10-1.fc14 Lightning/1.0b3pre Thunderbird/3.1.10 MIME-Version: 1.0 To: internals@lists.php.net References: <8757232E56758B42B2EE4F9D2CA019C901499F97@US-EX2.zend.net> <97.45.23189.8060DED4@pb1.pair.com> <4DED5F9B.7060101@thelounge.net> <4DEDC9F5.3030403@thelounge.net> <4DEDF049.7050504@gmail.com> In-Reply-To: <4DEDF049.7050504@gmail.com> X-Enigmail-Version: 1.1.2 OpenPGP: id=7F780279; url=http://arrakis.thelounge.net/gpg/h.reindl_thelounge.net.pub.txt Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigEC457FC9A3D25DC7C4CAD2AA" Subject: Re: [PHP-DEV] Bundling "modern" extensions From: h.reindl@thelounge.net (Reindl Harald) --------------enigEC457FC9A3D25DC7C4CAD2AA Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 07.06.2011 11:32, schrieb David Muir: > On 07/06/11 15:49, Reindl Harald wrote: >> >> Am 07.06.2011 04:42, schrieb Martin Scotta: >>> On Mon, Jun 6, 2011 at 8:15 PM, Reindl Harald wrote: >>> >>>> Am 06.06.2011 23:40, schrieb Martin Scotta: >>>> >>>>> It'd be very nice if some extension could be enabled just by droppi= ng the >>>>> "extension file" on the path. >>>>> So developers can check what they have using phpinfo, and then uplo= ad the >>>>> needed extension using ftp. Is it possible? >>>> if a "developer" only would try such idiotic action >>>> he would lost his accounts forever and get fired from >>>> one day to the next! >>>> >>>> WTF how can anybody have the idea that it would be a good >>>> idea to let non-sysadmins uplod and execute binaries on a >>>> server? >>>> >>>> >>> Thanks you for all yours responses. >>> Now it's clear what the issue is... the usage of compiled "libraries"= =2E >>> >>> We need some middleware between the core and PHP. >>> That way extensions could be written in PHP, compiled and distributed= in >>> some "library" format. >>> Library users just add them into their path, include them, and use th= e >>> classes/functions as usual. >>> >>> - No OS dependence >>> - minimum dependence with core version >>> - size of core will reduce drastically >>> - faster runtime, include only what libs you use, as you need them >> what are you speaking about and since how long you are working >> with PHP that you never heard about PEAR, ZendFramework....? >> >=20 > And you should know that PEAR and ZF are user-land libraries, not > compiled libraries. i know that > I think Martin is wishing for is the PHP Native Interface: > https://wiki.php.net/rfc/php_native_interface where is the real difference to a userland-library as PEAR and the thousand other which exists and will we ever see a solution for extensions wich is SECURE? there is a reason for example to disallow many functions on a webserver - so every API has to make sure they can not be bypassed "because we can" is no valid reason for everything because we can install binary extension as they exist now and if you can not you are missing the permissions for some good reasons --------------enigEC457FC9A3D25DC7C4CAD2AA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk3t8hYACgkQhmBjz394AnnFRQCfXKSsYJZNQYO7fcsnHIn5O/On adUAn3ULy/k3J6HRQXwX5LioT6v+/EzX =RlL2 -----END PGP SIGNATURE----- --------------enigEC457FC9A3D25DC7C4CAD2AA--