[Bug 1002443] Re: php5-fpm exposes full ubuntu package version in headers

Marc Deslauriers marc.deslauriers at canonical.com
Tue May 22 11:47:04 UTC 2012


Security by obscurity doesn't actually work. Hiding the version number
will not affect whether your system is secure or not, and it's quite
likely that an attacker would simply run his script regardless of the
version number displayed on your website.

If this is important in your environment, please use expose_php to
disable the banner in your configuration.

** Changed in: php5 (Ubuntu)
       Status: New => Opinion

** Changed in: php5 (Ubuntu)
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1002443

Title:
  php5-fpm exposes full ubuntu package version in headers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1002443/+subscriptions



More information about the Ubuntu-server-bugs mailing list