[php-maint] Bug#579922: libapache2-mod-php5: change allow_url_fopen = Off
Toni Mueller
support at oeko.net
Sun May 2 10:47:13 UTC 2010
Package: libapache2-mod-php5
Severity: wishlist
Hi,
while revisiting the latest Typo3 problem, I found that Debian ships
with
allow_url_fopen = On
I suggest that this be changed to
allow_url_fopen = Off
to reduce the change of PHP applications being exploited, and, if you
really need to, place a big flashing warning around it to warn users
from changing it to "On" again.
Kind regards,
--Toni++
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (250, 'unstable'), (50, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-4-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libapache2-mod-php5 depends on:
pn apache2-mpm-pre <none> (no description available)
ii apache2.2-commo 2.2.15-3 Apache HTTP Server common files
ii libbz2-1.0 1.0.5-4 high-quality block-sorting file co
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.11-1 common error description library
ii libdb4.6 4.6.21-16 Berkeley v4.6 Database Libraries [
ii libkrb53 1.6.dfsg.4~beta1-5lenny2 MIT Kerberos runtime libraries
ii libmagic1 5.04-2 File type determination library us
ii libpcre3 7.8-3 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8n-1 SSL shared libraries
ii libxml2 2.7.7.dfsg-2 GNOME XML library
ii mime-support 3.48-1 MIME files 'mime.types' & 'mailcap
ii php5-common 5.3.2-1 Common files for packages built fr
ii tzdata 2010i-1 time zone and daylight-saving time
ii ucf 3.0025 Update Configuration File: preserv
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
libapache2-mod-php5 recommends no packages.
Versions of packages libapache2-mod-php5 suggests:
ii php-pear 5.3.2-1 PEAR - PHP Extension and Applicati
More information about the pkg-php-maint
mailing list