mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-13 07:34:50 +00:00
Code Issues Releases Activity
4325f6f2f7
freebsd-ports/lang/php53/files/patch-php.ini-development

19 lines
762 B
Plaintext
Raw Normal View History

Update to PHP 5.3.2 release!
2010-04-09 09:34:43 +00:00
--- php.ini-development.orig 2009-06-28 19:56:18.000000000 +0200
+++ php.ini-development 2009-08-24 17:17:53.000000000 +0200
@@ -335,6 +335,15 @@
- fix open_basedir vulnerability in php4 and php5 [1] - add an alert on safe_mode intrinsic insecurity and suggest to install the suhosin extension - enable the suhosin patch by deafult also in php4 Submitted by: Thomas Vogt <thomas@bsdunix.ch> [1] Obtained from: PHP CVS [1] Approved by: portmgr (clement)
2006-10-16 09:30:58 +00:00
; Safe Mode
Update to PHP 5.3.2 release!
2010-04-09 09:34:43 +00:00
; http://php.net/safe-mode
+;
- fix open_basedir vulnerability in php4 and php5 [1] - add an alert on safe_mode intrinsic insecurity and suggest to install the suhosin extension - enable the suhosin patch by deafult also in php4 Submitted by: Thomas Vogt <thomas@bsdunix.ch> [1] Obtained from: PHP CVS [1] Approved by: portmgr (clement)
2006-10-16 09:30:58 +00:00
+; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that
+; the PHP Safe Mode feature not be relied upon for security, since the
+; issues Safe Mode tries to handle cannot properly be handled in PHP
+; (primarily due to PHP's use of external libraries). While many bugs
+; in Safe Mode has been fixed it's very likely that more issues exist
+; which allows a user to bypass Safe Mode restrictions.
+; For increased security we always recommend to install the Suhosin
+; extension.
safe_mode = Off
; By default, Safe Mode does a UID compare check when
Reference in New Issue Copy Permalink