Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57631 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 66967 invoked from network); 2 Feb 2012 18:30:27 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Feb 2012 18:30:27 -0000 Authentication-Results: pb1.pair.com smtp.mail=keisial@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=keisial@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.54 as permitted sender) X-PHP-List-Original-Sender: keisial@gmail.com X-Host-Fingerprint: 74.125.82.54 mail-ww0-f54.google.com Received: from [74.125.82.54] ([74.125.82.54:49088] helo=mail-ww0-f54.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id DB/89-04454-346DA2F4 for ; Thu, 02 Feb 2012 13:30:27 -0500 Received: by wgbdq12 with SMTP id dq12so2772984wgb.11 for ; Thu, 02 Feb 2012 10:30:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=QZ+9L9m7pmTvl4SdGniPljguksKqtO8yiNLxRe48WnI=; b=jKiOfZBr+B9cBBpNu1yzbX6KdGqNpAbFc9QcYGb2WhLrNxMjUSu+W73uGVfVp311mm lh6T8nl3hmaKmIf9PUfWW8oLCXhiAT72+qYWDThb9wOmM9pVNmXweKId/FIU7VhhtQAt qJLY6eU7Is1xArRDPTpTmxQJHAg/fDil0syBo= Received: by 10.180.92.71 with SMTP id ck7mr8287010wib.3.1328207424560; Thu, 02 Feb 2012 10:30:24 -0800 (PST) Received: from [192.168.1.26] (69.red-80-28-68.adsl.dynamic.ccgg.telefonica.net. [80.28.68.69]) by mx.google.com with ESMTPS id q7sm1412902wix.5.2012.02.02.10.30.21 (version=SSLv3 cipher=OTHER); Thu, 02 Feb 2012 10:30:23 -0800 (PST) Message-ID: <4F2AD757.3070406@gmail.com> Date: Thu, 02 Feb 2012 19:35:03 +0100 User-Agent: Thunderbird MIME-Version: 1.0 To: Stefan Esser CC: Pierre Joye , =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= , 657698 <657698@bugs.debian.org>, Christoph Anton Mitterer , Douglas Calvert , Jesse Molina , Carlos Alberto Lopez Perez , PHP internals , Debian Developers , Debian PHP Maintainers References: <5FB5CFDA-6FE8-4C20-A9B9-7844ED96659B@nopiracy.de> <46104CB6-A868-41C3-B8E1-F1E0AC06BCAB@nopiracy.de> In-Reply-To: <46104CB6-A868-41C3-B8E1-F1E0AC06BCAB@nopiracy.de> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds From: keisial@gmail.com (=?UTF-8?B?w4FuZ2VsIEdvbnrDoWxleg==?=) Stefan Esser wrote: > And there are many many good reasons, why Suhosin must be external to PHP. > The most obvious one is that the code is clearly separated, so that not someone of the hundred PHP commiters accidently breaks a safe guard. That's not a justification to keep it as a patch. Safe guards could prefectly be skipped by a commit which changed near code, reestructures the function or creates a different path, *even if the patch still applies*. So you would still need to check for all kind of unexpected changes anyway. If it were in core, at least anyone changing the related code would realise that it's there, and could take that into account for not breaking it. If it's maintained by someone else as a patch, that simply won't happen.