Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:57654
Return-Path: <lester@lsces.co.uk>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 14150 invoked from network); 3 Feb 2012 10:50:44 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 3 Feb 2012 10:50:44 -0000
Authentication-Results: pb1.pair.com smtp.mail=lester@lsces.co.uk; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=lester@lsces.co.uk; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lsces.co.uk from 213.123.26.188 cause and error)
X-PHP-List-Original-Sender: lester@lsces.co.uk
X-Host-Fingerprint: 213.123.26.188 c2beaomr10.btconnect.com  
Received: from [213.123.26.188] ([213.123.26.188:18563] helo=mail.btconnect.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id BB/50-11798-DFBBB2F4 for <internals@lists.php.net>; Fri, 03 Feb 2012 05:50:38 -0500
Received: from host81-138-11-136.in-addr.btopenworld.com (EHLO _10.0.0.4_) ([81.138.11.136])
	by c2beaomr10.btconnect.com
	with ESMTP id GBR87832;
	Fri, 03 Feb 2012 10:50:34 +0000 (GMT)
Message-ID: <4F2BBBF9.3010501@lsces.co.uk>
Date: Fri, 03 Feb 2012 10:50:33 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0.1) Gecko/20111220 Firefox/9.0.1 SeaMonkey/2.6.1
MIME-Version: 1.0
To: PHP internals <internals@lists.php.net>
References: <CALjhHG_wYvJn-Z+x9fJUi+dgmZ+Ha9BD54N5VwhneJM4sg1xBQ@mail.gmail.com> <5FB5CFDA-6FE8-4C20-A9B9-7844ED96659B@nopiracy.de> <CAEZPtU7jtQTDNpUovxxnDdRunjH9BOdX=WbS8JcGz+5Wkz8ocw@mail.gmail.com> <4F2A9378.70803@thelounge.net> <4F2AC9CA.2070308@sugarcrm.com> <4F2B2ED8.4050900@jimdo.com> <72878E6C-4C17-4D94-9F73-1446769247E1@nopiracy.de> <CAEZPtU5CP3GqUnKsxx51-ieHAdGh=ySvZCWhhAwa0kwuNG6Bhg@mail.gmail.com> <A33C7716-F355-455E-863D-5458205C3208@nopiracy.de>
In-Reply-To: <A33C7716-F355-455E-863D-5458205C3208@nopiracy.de>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Mirapoint-IP-Reputation: reputation=Fair-1,
	source=Queried,
	refid=tid=0001.0A0B0301.4F2BBBF9.009E,
	actions=tag
X-Junkmail-Premium-Raw: score=7/50,
	refid=2.7.2:2012.1.30.73017:17:7.763,
	ip=81.138.11.136,
	rules=__MOZILLA_MSGID,
		__HAS_MSGID,
		__SANE_MSGID,
		__USER_AGENT,
		__MIME_VERSION,
		__TO_MALFORMED_2,
		__BOUNCE_CHALLENGE_SUBJ,
		__BOUNCE_NDR_SUBJ_EXEMPT,
		__SUBJ_ALPHA_END,
		__CT,
		__CT_TEXT_PLAIN,
		__CTE,
		__ANY_URI,
		__URI_NO_MAILTO,
		__CP_URI_IN_BODY,
		SUPERLONG_LINE,
		BODYTEXTP_SIZE_3000_LESS,
		BODY_SIZE_1800_1899,
		__MIME_TEXT_ONLY,
		RDNS_GENERIC_POOLED,
		BODY_SIZE_5000_LESS,
		RDNS_SUSP_GENERIC,
		RDNS_SUSP,
		BODY_SIZE_2000_LESS,
		BODY_SIZE_7000_LESS
X-Junkmail-Status: score=10/50, host=c2beaomr10.btconnect.com
X-Junkmail-Signature-Raw: score=unknown,
	refid=str=0001.0A0B0209.4F2BBBFA.0031:SCFSTAT14830815,ss=1,re=-4.000,fgs=0,
	ip=0.0.0.0,
	so=2011-07-25 19:15:43,
	dmn=2011-05-27 18:58:46,
	mode=multiengine
X-Junkmail-IWF: false
Subject: Re: [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds
From: lester@lsces.co.uk (Lester Caine)

Stefan Esser wrote:
> I am not interested in pushing Suhosin into PHP mainline. Why in hell would I want that. If Suhosin gets absorbed by PHP.net then I would have to start a new project, because there are tons of mitigations I can think up that will be implemented at some point in time and will never make it into PHP mainline.

All my production systems have suhosin installed and have done since SUSE 
provided it by default. Just like eaccelerator, I am more than happy with these 
third party enhancements to PHP. Once again, the drive is to 'push everything 
into core' when it makes MUCH more sense to provide a much cleaner and 
consistent management system for a modular approach. SOME key features of 
suhosin do have a place in PHP, but others would not 'find approval', so 
removing suhosin is simply not an option. Cherry picking features that some 
contributors find useful is no replacement for well constructed third party 
modules, so they too need to work in harmony rather than continually battling to 
maintain compatibility. Some 'features' are not commonly required, and providing 
them as external modules is always going to be the ideal answer!

There is no 'demand' here for any support of these third party packages by the 
php developers, only that they recognise that some changes being made may result 
in problems down stream which it may be nicer to accept and address rather than 
simply saying "we don't support that" and sticking two fingers up :(

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php