[php-maint] Bug#397179: Bug#397179: Please don't add this patch
seanius at debian.org
Thu May 17 14:27:04 UTC 2007
On Thu, 2007-05-17 at 16:01 +0200, Thijs Kinkhorst wrote:
> I'm not in favour of adding this patch. It *will* create different
> behaviour than the vanilla PHP does - that's the whole purpose of the
> thing. Especially for an interpreter (or compiler) it's undesirable that
> running a web application under RedHat PHP 5.1.2 yields different results
> than under Debian PHP 5.1.2. Being a maintainer of web applications I know
> how hard it is to keep one application functioning on the different
> versions that upstream distributes - let alone if distributions are going
> to change it aswell.
what exactly is the different behaviour that we're looking to avoid? as
i've said in the past i'm not horribly familiar with the inner workings
of suhosin's magic.
> There's a separate package available that has this patch, as was mentioned
> above. Why can't you use that? Seems like the solution to please all.
afaik there are two components to suhosin... a pecl style extension and
a patch to the core system. you can have the module without the patch,
but hte patch is supposed to be better.
fwiw, it seems that some people are starting to ship php with suhosin
applied by default. namely, freebsd seems to (i helped a friend the
other day and took note of it when i saw his phpinfo() output).
my general inclination is to give the patch a try when the deluge of
security related issues in php dies down (yeah, real soon, i'm sure any
day now :) and i have some free time to spend on it. however, if you
have a convincing argument why with concrete examples of what it would
break/change, i'm open to hearing them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070517/f8c28541/attachment.pgp
More information about the pkg-php-maint