Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:58386 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 49477 invoked from network); 1 Mar 2012 03:04:47 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 1 Mar 2012 03:04:47 -0000 Authentication-Results: pb1.pair.com header.from=kris.craig@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=kris.craig@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.170 as permitted sender) X-PHP-List-Original-Sender: kris.craig@gmail.com X-Host-Fingerprint: 74.125.82.170 mail-we0-f170.google.com Received: from [74.125.82.170] ([74.125.82.170:57881] helo=mail-we0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id B7/E4-46815-E47EE4F4 for ; Wed, 29 Feb 2012 22:04:47 -0500 Received: by werh12 with SMTP id h12so76927wer.29 for ; Wed, 29 Feb 2012 19:04:43 -0800 (PST) Received-SPF: pass (google.com: domain of kris.craig@gmail.com designates 10.180.99.100 as permitted sender) client-ip=10.180.99.100; Authentication-Results: mr.google.com; spf=pass (google.com: domain of kris.craig@gmail.com designates 10.180.99.100 as permitted sender) smtp.mail=kris.craig@gmail.com; dkim=pass header.i=kris.craig@gmail.com Received: from mr.google.com ([10.180.99.100]) by 10.180.99.100 with SMTP id ep4mr6268447wib.7.1330571083443 (num_hops = 1); Wed, 29 Feb 2012 19:04:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=3IMLEHmMhfxkKyZgaLMau90n5gvm9jc1IhQlYCbZ9Z8=; b=xXD88egT7zqeG1erb5+MAzwN5jzXrJHtPqp3BAzEZjrUXcxPY/iLVOsotV8YClSrgG biPzlQvCp2yoyu1/pKRKBV1EFN9yzPSWvUxHPE7V7SUACr3o+opnU1D6tZ5JrfFnHuF8 3N2ipScPm1e+cvIFqdEV0RQQ6g4LYWBotcLrw= MIME-Version: 1.0 Received: by 10.180.99.100 with SMTP id ep4mr5028292wib.7.1330571083344; Wed, 29 Feb 2012 19:04:43 -0800 (PST) Received: by 10.223.75.146 with HTTP; Wed, 29 Feb 2012 19:04:43 -0800 (PST) In-Reply-To: References: <887FE7CFF6F8DE4BB3A9535F53AFD06AC3152F5D@il-ex2.zend.net> <43409D28-75AC-4E9C-A0EA-66FC1DB9FAE7@gmail.com> <80e16e4c67bbf04a676b73798682b07e.squirrel@www.l-i-e.com> Date: Wed, 29 Feb 2012 19:04:43 -0800 Message-ID: To: Richard Lynch Cc: internals@lists.php.net Content-Type: multipart/alternative; boundary=f46d04428e5cc56d4804ba25b8e7 Subject: Re: [PHP-DEV] Scalar type hinting From: kris.craig@gmail.com (Kris Craig) --f46d04428e5cc56d4804ba25b8e7 Content-Type: text/plain; charset=ISO-8859-1 Bah and after all that, I went and misspelled *Symantec. *grumbles* --Kris On Wed, Feb 29, 2012 at 7:01 PM, Kris Craig wrote: > @Richard Yeah that sounds about right actually. That's probably exactly > the reasoning behind the current model being what it is. > > However, it seems to me that, especially in complex proposals, the "should > we?" and the "how?" distinction becomes more and more difficult to avoid. > If everyone supports an idea, but there are a hundred different viable ways > to do it, having a hundred different competing proposals would be a > nightmare IMHO (especially if fifty of them passed and are directly > conflicting with one another lol). > > That's why I'm thinking, if you split them into separate questions but > keep them in the same overall proposal, you can wind up with the best of > both worlds. The "primary" question is whether or not this should be done > to begin with; if it fails, then everything else is moot. If it passes, on > the other hand, then the plurality on any secondary question(s) would allow > us to simultaneously and efficiently decide *how* it should be > implemented without having to create separate proposals or cause the > support vote to become split (since your vote(s) to any secondary questions > would have no bearing on your primary question vote). > > For example, let's time-travel ten years into the future. I wanted to > modify PHP 7.3's configure script to use a botnet I control to increase > PHP's processing power (as of PHP 7, PHP can exploit rootkits but it can't > control entire botnets). If enabled, the RFC argues, I'd be able to > increase my spam output tenfold and still have enough victim machines to > carry out a DoS attack against FaceGoo+ (yep, they merged) and silence my > many enemies. But then, there a serious problem surrounding this proposal > that someone raises: Should there be a switch to activate this or should > it simply be configure's default behavior? Also, should this include a > switch that instructs PHP to install a rootkit on vulnerable systems > automatically, and if so, should we integrate that with the main switch, > make it a separate switch, or just make it the default behavior as well? > > Naturally, this would best be handled as a single RFC. The "primary" > question would be something along the lines of, "Should PHP's built-in > trojan management capabilities be expanded to allow for control of large > botnets (yes/no)?" > > Then, there would be some secondary questions; for each one, the prefix > "If implemented...." is assumed: "Should the the switch be enabled by > default (yes/no)," "How should rootkit install toggling be handled (option > on main switch/separate switch/just make it default)," and, "Should we > commit another series of arsons at Semantic in order to slow the > development of new security patches that might hinder our supreme > objective?" > > > Heh sorry, my examples tend to get a bit psychotic after a long day at > work. But you have the gist of it, at least. ;) > > --Kris > > > > On Wed, Feb 29, 2012 at 6:32 PM, Richard Lynch wrote: > >> On Wed, February 29, 2012 6:55 pm, Kris Craig wrote: >> > If not, I'll go ahead and draft an RFC for these proposed amendments >> > sometime today or tomorrow when I get a spare moment. If anyone has >> > any >> > thoughts on this, please share them! Thanks! >> >> This is not an official answer. I don't have time to dig out references. >> >> I believe the PHP community settled on the idea of having a single >> simple pass / fail vote without the complexity of branches / options. >> >> It was simply to hard to tally the votes once you open up the options, >> because your support base ends up being split. >> >> NOTE: See current US Republican Primaries for examples of how complex >> it gets. :-) >> >> There is nothing to stop one from drafting multiple proposals, with >> alternative options, and each one getting vote upon, other than the >> time available to the person drafting the proposals. >> >> And, of course, a reasonable expectation that with TOO many proposals >> of the same idea, the community would quickly turn into robo-voting, >> both for and against, as that's just human nature. >> >> Again, I say, I don't claim to speak for the whole community. This is >> merely my interpretation from my faulty memory of past events. >> >> -- >> brain cancer update: >> http://richardlynch.blogspot.com/search/label/brain%20tumor >> Donate: >> >> https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE >> >> >> >> -- >> PHP Internals - PHP Runtime Development Mailing List >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > --f46d04428e5cc56d4804ba25b8e7--