Hardened PHP, anyone?
Andrew Hunter
andy.hunter at rogers.com
Sat Jan 13 05:57:20 UTC 2007
On Friday 12 January 2007 20:41, Evan Leibovitch wrote:
> While PHP seems to be the language lots of people love to hate, there's
> no question it runs many of the open source world's favourite applications.
>
> One of the big knocks I've heard against PHP is that it's far to easy
> too write really insecure apps. I've come across a project that hardens
> PHP, through two components which address the most dangerous of
> practises. One is a patch to the PHP core code, the other is an add-on
> module:
>
> http://www.hardened-php.net/suhosin.127.html
>
> I haven't even bothered with the patch, but I've been unable to install
> all the packages necessary to build the module. The makers of this
> project say that Gentoo and FreeBSD alread include the components within
> their distos; any chance of seeing it available within Ubuntu, even in
> universe/multiverse
You could make a request to have it packaged (see MOTU on the wiki), but this
is one of the cases where either you or some motivated person would need to
do it.
>
> - Evan
More information about the ubuntu-ca
mailing list