Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:61978
Return-Path: <php@golemon.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 77548 invoked from network); 2 Aug 2012 23:22:48 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Aug 2012 23:22:48 -0000
Authentication-Results: pb1.pair.com header.from=php@golemon.com; sender-id=softfail
Authentication-Results: pb1.pair.com smtp.mail=php@golemon.com; spf=softfail; sender-id=softfail
Received-SPF: softfail (pb1.pair.com: domain golemon.com does not designate 209.85.213.42 as permitted sender)
X-PHP-List-Original-Sender: php@golemon.com
X-Host-Fingerprint: 209.85.213.42 mail-yw0-f42.google.com  
Received: from [209.85.213.42] ([209.85.213.42:57058] helo=mail-yw0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id E4/B2-61111-7CB0B105 for <internals@lists.php.net>; Thu, 02 Aug 2012 19:22:47 -0400
Received: by yhoo21 with SMTP id o21so119734yho.29
        for <internals@lists.php.net>; Thu, 02 Aug 2012 16:22:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=mime-version:sender:x-originating-ip:in-reply-to:references:date
         :x-google-sender-auth:message-id:subject:from:to:cc:content-type
         :x-gm-message-state;
        bh=0GMU4WZobsK3h6bSyg0A8BZLQj++4UKt8fVCZtI4ajs=;
        b=kz+5XR4ZRnz/gLM89iNmPq3k3GMW4gjrYtNy9X+/7ECSmXzatoGQEbuM0ED47YXZtN
         lYY4BnYQGS4cPpSdnj5lASd0nB2KeaXs4QxbjxIyQr7OcmclxLE4uUbz08Ea2r0VlPTK
         Ih77vjZdH36YRnhWgiR6vlxup3RGbX5seAOgq9UEvPVOAZ3a9qJTfXT7Qq7kF1BjfTvJ
         b+8bRV1o4S6+IUjh0xUn8fGnAp0ghd618fYC+MyH9umcTTDRK0i7B5PYP8ETU4TTMHJs
         UfenKIZiOfDZOCSjmZAfKK+VsbeVP0ixtamGNuKxg0tbDP2JSJqsEqRAmWJfHgkphChu
         YUFg==
MIME-Version: 1.0
Received: by 10.50.195.234 with SMTP id ih10mr5678017igc.0.1343949763686; Thu,
 02 Aug 2012 16:22:43 -0700 (PDT)
Sender: php@golemon.com
Received: by 10.64.47.8 with HTTP; Thu, 2 Aug 2012 16:22:43 -0700 (PDT)
X-Originating-IP: [2620:0:1cfe:28:39d2:916c:a245:51b9]
In-Reply-To: <CAPwsocEbXSVSc-aDUQjjaADF3-pNLQF=Danxo67GE5oZpCY-5A@mail.gmail.com>
References: <CANVTSm5g0FWqe=HaJTutniLYOj19rp5twOzF0jti0y3iEsnWEg@mail.gmail.com>
	<CAKOpQSwSwseEoxDYzpfwkgk-azxKyAVq=hRJa=P=v8qg7VAJ_A@mail.gmail.com>
	<CAFt2z-nHB91SSNaJpn_K1-OzWtC7=W4WUUKCBQYHbb+kbeKsBg@mail.gmail.com>
	<CAESVnVpXTza67aOOeFqJ72F3=nxe3vTRHWkkzZNc+FChhCbwhg@mail.gmail.com>
	<CAPwsocEbXSVSc-aDUQjjaADF3-pNLQF=Danxo67GE5oZpCY-5A@mail.gmail.com>
Date: Thu, 2 Aug 2012 16:22:43 -0700
X-Google-Sender-Auth: b0fMUGpFqwNV2AAjzFnT-iwhn2Y
Message-ID: <CAESVnVrMwdqcofHt-xz7rkAoaRv=DOcNagqdnPajicteD4eEfw@mail.gmail.com>
To: Leigh <leight@gmail.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQnfbiUKiycX0T/ioANbDookt5We4BWZkcg6AHScyqbKmpmkIX1u0pwn/8adp+McQTm4Lwhx
Subject: Re: [PHP-DEV] Add runkit to PHP Runtime
From: pollita@php.net (Sara Golemon)

On Thu, Aug 2, 2012 at 4:17 PM, Leigh <leight@gmail.com> wrote:
>> Sandboxing: Complicated by the fact that it only works in a threaded
>> build, can't transfer all types (e.g. resource, complex objects), and
>> can't run concurrently.  Until/unless these problems can be
>> meaningfully solved, I wouldn't consider it a functional
>> implementation.
>
> To me the "thread thing" feels like the dirty hack workaround
> _because_ it's in PECL, and this is the only option available.
>
In all seriousness, I'd love to hear how you'd do Sandboxing without
using the tsrm context hack I used in runkit.  That approach had
nothing to do with being in PECL, it had to do with that being the
only mechanism available to swap globals in and out at will.