Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57627 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 56045 invoked from network); 2 Feb 2012 17:42:31 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Feb 2012 17:42:31 -0000 Authentication-Results: pb1.pair.com header.from=h.reindl@thelounge.net; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=h.reindl@thelounge.net; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain thelounge.net designates 91.118.73.15 as permitted sender) X-PHP-List-Original-Sender: h.reindl@thelounge.net X-Host-Fingerprint: 91.118.73.15 mail.thelounge.net Received: from [91.118.73.15] ([91.118.73.15:45505] helo=mail.thelounge.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id FB/B7-04454-60BCA2F4 for ; Thu, 02 Feb 2012 12:42:31 -0500 Received: from rh.thelounge.net (rh.thelounge.net [10.0.0.99]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.thelounge.net (Postfix) with ESMTPSA id 426419A for ; Thu, 2 Feb 2012 18:42:27 +0100 (CET) Message-ID: <4F2ACB02.9020309@thelounge.net> Date: Thu, 02 Feb 2012 18:42:26 +0100 Organization: the lounge interactive design User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 To: internals@lists.php.net References: <5FB5CFDA-6FE8-4C20-A9B9-7844ED96659B@nopiracy.de> <4F2A9378.70803@thelounge.net> <4F2AC9CA.2070308@sugarcrm.com> In-Reply-To: <4F2AC9CA.2070308@sugarcrm.com> X-Enigmail-Version: 1.3.5 OpenPGP: id=7F780279; url=http://arrakis.thelounge.net/gpg/h.reindl_thelounge.net.pub.txt Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig492B68124010BDD037059699" Subject: Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds From: h.reindl@thelounge.net (Reindl Harald) --------------enig492B68124010BDD037059699 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Am 02.02.2012 18:37, schrieb Stas Malyshev: >> yes, but suhosin-extension and hardening patch exists since many years= >> >> the question from a normal user: >> why are these things not included in the core? >=20 > Because some of these things slow down the code=20 we are using suhosin patch and extension since years on 5 VMware-Guests on the same host for 500 domains and even running one of them a site with many hundret active sessions was not a single performance problem without bytecode-cache you have much more problems > thus may not be beneficial to the most users security is not beneficial to the most users? security is THE benefit for ALL users, especially in days where many are running crap-code like Joomla/Wordpress with all sorts of plugins throwing millions of warning if you run with E_ALL and E_STRCIT --------------enig492B68124010BDD037059699 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8qywIACgkQhmBjz394AnkurgCfSbkJI0OV6xgWaAvoWsHcbpih SyAAn3N5iKAIefKh0vYgs6m/zDi6ZOfQ =VWeQ -----END PGP SIGNATURE----- --------------enig492B68124010BDD037059699--