Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:87154
Return-Path: <rasmus@lerdorf.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 58006 invoked from network); 13 Jul 2015 18:48:08 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 13 Jul 2015 18:48:08 -0000
Authentication-Results: pb1.pair.com header.from=rasmus@lerdorf.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=rasmus@lerdorf.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain lerdorf.com designates 209.85.220.54 as permitted sender)
X-PHP-List-Original-Sender: rasmus@lerdorf.com
X-Host-Fingerprint: 209.85.220.54 mail-pa0-f54.google.com  
Received: from [209.85.220.54] ([209.85.220.54:33223] helo=mail-pa0-f54.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 67/7D-43998-6E704A55 for <internals@lists.php.net>; Mon, 13 Jul 2015 14:48:07 -0400
Received: by padck2 with SMTP id ck2so46938637pad.0
        for <internals@lists.php.net>; Mon, 13 Jul 2015 11:48:04 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
         :subject:references:in-reply-to:content-type;
        bh=eVtF3Jjnmjm4uol4u83LaysoOy0wvKY/IokH6Urao8A=;
        b=dfgegyUlQJNMv+m7RmTrQ6ewJ5jSJysMFltjmFtwFM211US+2LygSmAWNhSro7HmVN
         4oKWwXVTIGKIDG4Z1HUbgW0HQIWq9YOtjyNiSUmYLLa/7+6snR9RIJNjgqPKYjJgdyq1
         ul1nLvlXfcGfYN2rmDNM5UXNhNHnjbqKe0sWerEHu6sPyS7CE6UpPlwUNs0/KtquHxrt
         Prfp4iNpQZ0NbtyY3T/nDZ1fG0O1tawCVfDOrlMfalhS87op4KoDizdY1EW8ke2ejGsU
         55PFpcdgQApMt2o2QfvG96wITLfPLd7t658q0/XIVQsqM2jHKc0vA/MbAdsgHmDygn4H
         rqZg==
X-Gm-Message-State: ALoCoQm10sU3CmakI/vp13cFYfZMFci8DCMhkB7mIaB40E5ym1piaJfe8m1IMLsI4WXHodLmWUXv
X-Received: by 10.70.34.38 with SMTP id w6mr73009026pdi.147.1436813284203;
        Mon, 13 Jul 2015 11:48:04 -0700 (PDT)
Received: from [192.168.200.14] (c-50-131-44-225.hsd1.ca.comcast.net. [50.131.44.225])
        by smtp.googlemail.com with ESMTPSA id si7sm19265097pbc.54.2015.07.13.11.48.01
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 13 Jul 2015 11:48:02 -0700 (PDT)
Message-ID: <55A407E1.9020005@lerdorf.com>
Date: Mon, 13 Jul 2015 11:48:01 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Matt Tait <matt.tait@gmail.com>, internals@lists.php.net
References: <CAEZfaM7CJZhNzZBSWwSuEwXLzyELHe+JQrU0aQgMn1cqsCLVVQ@mail.gmail.com>
In-Reply-To: <CAEZfaM7CJZhNzZBSWwSuEwXLzyELHe+JQrU0aQgMn1cqsCLVVQ@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="J3Ib2u8dcUX2UT27DVormkg2pxrxTkUc3"
Subject: Re: [PHP-DEV] Introductions
From: rasmus@lerdorf.com (Rasmus Lerdorf)

--J3Ib2u8dcUX2UT27DVormkg2pxrxTkUc3
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 07/13/2015 11:23 AM, Matt Tait wrote:
> Hi all,
>=20
> I'm Matt Tait; a security researcher at Google, and I'm quite intereste=
d in
> looking at and helping to build new security-related features within PH=
P;
> i.e. features that reduce the likelihood that deployments of PHP end up=

> being hacked.
>=20
> In the short term, I'm quite interested in looking at ensuring that all=
 of
> the compiler and operating-system security features are enabled by defa=
ult,
> and later I hope to be looking at both hardening the PHP core against
> various categories of memory-corruption vulnerability. Hopefully this w=
ork
> will also end up improving the performance and security of various part=
s of
> PHP core.
>=20
> In the longer-term I'm also interested in building user-visible feature=
s
> for PHP that would allow developers who want or need to deploy PHP to
> sensitive environments to prevent certain categories of error across th=
eir
> entire codebase (such as SQL injection and so on) that are commonly use=
d by
> hackers. This would be particularly useful for many less-technical
> companies who are worried about hackers, but unable to ensure that ever=
y
> component they plug in to their website is coded with security-in-mind.=

>=20
> I look forward to working with you all to make PHP a better product for=
 PHP
> developers and website owners!

Sounds great.

There is some intro info along with the git account request form here:
http://php.net/git-php.php

-Rasmus





--J3Ib2u8dcUX2UT27DVormkg2pxrxTkUc3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlWkB+EACgkQlxayKTuqOuA2mACdH0sI0wPLSh5+HPS9x0EhqVCM
uS8An1uKk0lhGOREI/ycaSSJkxDX584C
=J0ZL
-----END PGP SIGNATURE-----

--J3Ib2u8dcUX2UT27DVormkg2pxrxTkUc3--