Hardened PHP, anyone?

Andrew Hunter andy.hunter at rogers.com
Sat Jan 13 05:57:20 UTC 2007

On Friday 12 January 2007 20:41, Evan Leibovitch wrote:
> While PHP seems to be the language lots of people love to hate, there's
> no question it runs many of the open source world's favourite applications.
> One of the big knocks I've heard against PHP is that it's far to easy
> too write really insecure apps. I've come across a project that hardens
> PHP, through two components which address the most dangerous of
> practises. One is a patch to the PHP core code, the other is an add-on
> module:
> http://www.hardened-php.net/suhosin.127.html
> I haven't even bothered with the patch, but I've been unable to install
> all the packages necessary to build the module. The makers of this
> project say that Gentoo and FreeBSD alread include the components within
> their distos; any chance of seeing it available within Ubuntu, even in
> universe/multiverse

You could make a request to have it packaged (see MOTU on the wiki), but this 
is one of the cases where either you or some motivated person would need to 
do it. 

> - Evan

More information about the ubuntu-ca mailing list