[php-maint] Bug#459814: Update to the php.ini-paranoid file under the examples directory

Javier Fernández-Sanguino Peña jfs at computer.org
Tue Jan 8 21:15:34 UTC 2008

Package: php5
Version: 5.2.4-2
Priority: wishlist
Tags: patch

Attached is an update of the php.ini-paranoid example file I provided a long
time ago (october 2004) updated to the latest contents of the php.ini-dist

- includes some variables which were no present in the first version and
  removes modules not available in PHP5. Also fixes typos in comments which
  have since been fixed in php.ini-dist
- adds notes (Debian-specific) of which security features applications should 
  not rely on
- add more information of why some variables were enabled
- reorder the description of chagnes to suit the location in the config file
- add notes of deprecated features in PHP6
- add more (suggested) changes to the session module to make a more secure
  use and storage of session IDs.
- remove the 'include' function from the list of disabled functions as it
  is quite common for most applications
- modify the valid 'include_path' to make it really paranoid ('.' is not
  allowed anymore)
- adjust locations of directories, including the upload dir and session dir
- proper definition for sql.safe_mode and description (missing in
  php.ini-dist of what it is really for)
- added session configuration variables which are not available in
  php.ini-dist together with recommended paranoid values
  (session.referer_check, session.entropy_file, session.entropy_length)
- added more information to session configuration (not available in php.ini)
  based on the information at php.net

Please apply the attached patch to the php.ini-paranoid present in the



This new version
-------------- next part --------------
A non-text attachment was scrubbed...
Name: php.ini-paranoid.diff
Type: text/x-diff
Size: 48199 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20080108/c430a2ed/attachment-0001.diff 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20080108/c430a2ed/attachment-0001.pgp 

More information about the pkg-php-maint mailing list