mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-28 05:29:48 +00:00
d754180768
- add an alert on safe_mode intrinsic insecurity and suggest to install the suhosin extension
- enable the suhosin patch by default also in php4

Submitted by: Thomas Vogt <thomas@bsdunix.ch> [1]
Obtained from: PHP CVS [1]
Approved by: portmgr (clement)
19 lines
716 B
Plaintext
--- php.ini-recommended.orig Fri Dec 30 18:19:43 2005
+++ php.ini-recommended Mon Oct 16 08:13:05 2006
@@ -223,6 +223,15 @@
;
; Safe Mode
;
+; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that
+; the PHP Safe Mode feature not be relied upon for security, since the
+; issues Safe Mode tries to handle cannot properly be handled in PHP
+; (primarily due to PHP's use of external libraries). While many bugs
+; in Safe Mode has been fixed it's very likely that more issues exist
+; which allows a user to bypass Safe Mode restrictions.
+; For increased security we recommend to always install the Suhosin
+; extension.
+;
safe_mode = Off
; By default, Safe Mode does a UID compare check when
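Review bot: the added SECURITY NOTE recommends installing "the Suhosin extension" without saying how that differs from the Suhosin patch that the commit message says is now enabled by default, so an administrator reading the installed php.ini cannot tell whether the default build already covers the recommendation or whether a separate install step is still needed. Suggest one extra comment line stating that the extension is a separate component from the patch, and, since the note tells readers not to rely on Safe Mode, a short pointer to what should be relied on instead. The wording also needs a pass for agreement: "strongly recommend" should be "strongly recommends", "many bugs in Safe Mode has been fixed" should be "have been fixed", and "more issues exist which allows" should be "which allow". Leaving "safe_mode = Off" unchanged directly below the note is consistent with the advice.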