Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:79322 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 31529 invoked from network); 30 Nov 2014 18:06:18 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 Nov 2014 18:06:18 -0000 Authentication-Results: pb1.pair.com smtp.mail=remi@fedoraproject.org; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=remi@fedoraproject.org; sender-id=unknown Received-SPF: error (pb1.pair.com: domain fedoraproject.org from 217.70.183.195 cause and error) X-PHP-List-Original-Sender: remi@fedoraproject.org X-Host-Fingerprint: 217.70.183.195 relay3-d.mail.gandi.net Received: from [217.70.183.195] ([217.70.183.195:46300] helo=relay3-d.mail.gandi.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id AC/01-22137-89C5B745 for ; Sun, 30 Nov 2014 13:06:17 -0500 Received: from mfilter24-d.gandi.net (mfilter24-d.gandi.net [217.70.178.152]) by relay3-d.mail.gandi.net (Postfix) with ESMTP id 9A564A8075 for ; Sun, 30 Nov 2014 19:06:13 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mfilter24-d.gandi.net Received: from relay3-d.mail.gandi.net ([217.70.183.195]) by mfilter24-d.gandi.net (mfilter24-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024) with ESMTP id 7dFWcTOZVPHF for ; Sun, 30 Nov 2014 19:06:12 +0100 (CET) X-Originating-IP: 82.241.130.121 Received: from schrodingerscat.famillecollet.com (pom51-2-82-241-130-121.fbx.proxad.net [82.241.130.121]) (Authenticated sender: contact@ll-experts.com) by relay3-d.mail.gandi.net (Postfix) with ESMTPSA id 16034A80BE for ; Sun, 30 Nov 2014 19:06:11 +0100 (CET) Message-ID: <547B5C93.7050001@fedoraproject.org> Date: Sun, 30 Nov 2014 19:06:11 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 MIME-Version: 1.0 To: PHP Internals References: <547AD8D8.9060603@fedoraproject.org> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] Feature: use Posix ACL for FPM socket From: remi@fedoraproject.org (Remi Collet) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Le 30/11/2014 16:34, Levi Morrison a =C3=A9crit : >> This seems to be a small self contained feature. I'd like to be >> able to implement this in 5.6+ >>=20 >> Is a RFC needed ? >=20 > Is it possible for the ACL header to be in another location? Patch refreshed with a check for this header. > That's the only potential issue I can see with the patch itself. >=20 > However, I think we should stop including features in our patch=20 > releases. I've heard a few others express similar sentiment, but > it may have been more targeted at what we are allowing for "bug > fixes" in patch releases. Anyway, that's my input. Yes, I'm one wanting to reduce new feature in stable branch... This is the reason why I propose this feature for 5.6 (not 5.5) and with a new option to not change default build. And I also think use of ACL can slightly improve security. But of course, there is always some risk. Remi. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlR7XJMACgkQYUppBSnxahg2XACfVqwVDnme0KT6Ct1Ev4Uu0Kvd 2TIAoKbG8oUzUzBSGWsDJDVLF9PHBAP5 =3DTKIl -----END PGP SIGNATURE-----