Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57645 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 82642 invoked from network); 3 Feb 2012 08:25:02 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 Feb 2012 08:25:02 -0000 Authentication-Results: pb1.pair.com header.from=stefan@nopiracy.de; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=stefan@nopiracy.de; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain nopiracy.de from 81.169.146.161 cause and error) X-PHP-List-Original-Sender: stefan@nopiracy.de X-Host-Fingerprint: 81.169.146.161 mo-p00-ob.rzone.de Solaris 10 (beta) Received: from [81.169.146.161] ([81.169.146.161:17036] helo=mo-p00-ob.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 2C/F4-21135-DD99B2F4 for ; Fri, 03 Feb 2012 03:25:02 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; t=1328257498; l=1596; s=domk; d=nopiracy.de; h=To:References:Content-Transfer-Encoding:Cc:Date:In-Reply-To:From: Content-Type:Mime-Version:Subject:X-RZG-CLASS-ID:X-RZG-AUTH; bh=pfSiVmZ5vKnCW2mChX7/wUnP9G0=; b=VdXxzxR4O7mb8GLDhPtLTSYvWbjwqI8BlVM3GAn8+5Baa3EMMOm+DlfW1/OFqbBDpNe 3ej8C15zB0XZd2x3TcoKpTKkY66MJDbaEEeOokKsOCTP76N1ctuWvXpGjptR7cYbtTXJ9 Vt/pKfcgex3/jT3+87MD5Nuq3MiucjpXObY= X-RZG-AUTH: :OH4FY0Wkd/plSHgwfKFIgHoVYx5SSathkA9OvI+ii+JXGfvQUzm/Ahii7iullNGyVg== X-RZG-CLASS-ID: mo00 Received: from [10.23.17.42] (cable-78-34-71-151.netcologne.de [78.34.71.151]) by smtp.strato.de (klopstock mo31) (RZmta 27.6 DYNA|AUTH) with (AES128-SHA encrypted) ESMTPA id e00c2do138OJmm ; Fri, 3 Feb 2012 09:24:49 +0100 (MET) Mime-Version: 1.0 (Apple Message framework v1251.1) Content-Type: text/plain; charset=us-ascii In-Reply-To: <4F2B2ED8.4050900@jimdo.com> Date: Fri, 3 Feb 2012 09:24:49 +0100 Cc: PHP internals Content-Transfer-Encoding: quoted-printable Message-ID: <72878E6C-4C17-4D94-9F73-1446769247E1@nopiracy.de> References: <5FB5CFDA-6FE8-4C20-A9B9-7844ED96659B@nopiracy.de> <4F2A9378.70803@thelounge.net> <4F2AC9CA.2070308@sugarcrm.com> <4F2B2ED8.4050900@jimdo.com> To: Soenke Ruempler - Jimdo X-Mailer: Apple Mail (2.1251.1) Subject: Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds From: stefan@nopiracy.de (Stefan Esser) Hello Soenke, > I know it's hard because he personally attacks people and this doesn't > help at all, but deal with him. He really made PHP and the interwebs > more secure for the last decade. >=20 > Do not respect him for how (bad) he's communicating things, respect = him > for what he coded. We are coders. I am not attacking people personally. Telling someone that he looks very = stupid, because he did something stupid is not a personal attack. It is = stating the facts. How does it not look stupid for the "lead" maintainer of PHP in Debian* = to write a "We do not need Suhosin, because I believe there will be no = future Bugs in PHP" mail the very same day various PHP distributions = have to put out updates because of a critical security bug that INFACT = is mititgated by PHP. People don't get that saying we do not need Suhosin because there have = been no such critical bugs is like saying: we code perfectly we do not = need ASLR, NX, Fortify Source, ... And it does not only look stupid to write such a mail at that moment it = also shows how disconnected the Debian PHP maintainers are from what is = happening around PHP. It also shows that the PHP devs seem to not like the Debian people, = because otherwise they would have kept him in the loop. I know for a = fact that Ubuntu and Redhat were informed. So instead of telling me that I am bad with communication they should = start critizicing themself. Regards, Stefan *well I heard there is no such thing as a lead maintainer in Debian, but = he takes the lead at the moment