Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57635 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 81111 invoked from network); 2 Feb 2012 20:11:46 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Feb 2012 20:11:46 -0000 Authentication-Results: pb1.pair.com smtp.mail=zigo@debian.org; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=zigo@debian.org; sender-id=unknown Received-SPF: error (pb1.pair.com: domain debian.org from 117.121.247.104 cause and error) X-PHP-List-Original-Sender: zigo@debian.org X-Host-Fingerprint: 117.121.247.104 mx.atlanta.gplhost.com Linux 2.6 Received: from [117.121.247.104] ([117.121.247.104:54692] helo=mx.atlanta.gplhost.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 8A/2B-04454-10EEA2F4 for ; Thu, 02 Feb 2012 15:11:45 -0500 Received: from mx.atlanta.gplhost.com (localhost.localdomain [127.0.0.1]) by mx.atlanta.gplhost.com (Postfix) with ESMTP id 6AFE1FE25D; Thu, 2 Feb 2012 20:12:30 +0000 (UTC) Received: from [127.0.0.1] (atl.apt-proxy.gplhost.com [117.121.247.20]) by mx.atlanta.gplhost.com (Postfix) with ESMTPA id 6608FFE146; Thu, 2 Feb 2012 20:12:27 +0000 (UTC) Message-ID: <4F2AEDF8.2010203@debian.org> Date: Fri, 03 Feb 2012 04:11:36 +0800 Organization: Debian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20111110 Icedove/3.0.11 MIME-Version: 1.0 To: Stas Malyshev CC: Stefan Esser , Pierre Joye , 657698 <657698@bugs.debian.org>, Christoph Anton Mitterer , Douglas Calvert , Jesse Molina , Carlos Alberto Lopez Perez , PHP internals , Debian Developers , Debian PHP Maintainers References: <5FB5CFDA-6FE8-4C20-A9B9-7844ED96659B@nopiracy.de> <46104CB6-A868-41C3-B8E1-F1E0AC06BCAB@nopiracy.de> <4F2ACEEB.4080202@sugarcrm.com> In-Reply-To: <4F2ACEEB.4080202@sugarcrm.com> X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds From: zigo@debian.org (Thomas Goirand) On 02/03/2012 01:59 AM, Stas Malyshev wrote: > You seem to advocate the approach in which > performance and convenience can and should be sacrificed to security. > It is a matter of opinion Something I don't get here. If there's this issue, and different tastes, why can't a build flag be used, so that you can choose security or speed depending on your needs? If you do some: #ifdef ENABLE_SLOWER_SUHOSIN_SECURITY in the controversial parts, then I don't see how this would be of trouble for anyone to have Suhosin included in upstream PHP. Cheers, Thomas Goirand (zigo)