Date: Tue, 15 May 2012 11:17:18 -0400 From: Michael Scheidell <scheidell@FreeBSD.org> To: <freebsd-ports@freebsd.org> Subject: Re: PHP 5.4.0 : lang/php54 Message-ID: <4FB2737E.8040005@FreeBSD.org> In-Reply-To: <CAERaTk-vWWjf_L0y-Vq3CeAuoF2VTBYJR0E0FOCB3ZTHgv4BYQ@mail.gmail.com> References: <CAERaTk--Qb4ez2qYOjk51qws_2G0jcj4qZLGdeY-nZV1C3jjHA@mail.gmail.com> <201203112026.30630.subbsd@gmail.com> <4F5DB7C7.6090308@FreeBSD.org> <CAERaTk_F=VWCPqwbac_Oww%2B6iWX0wCgn6NSVXKwJntRaWGYKsQ@mail.gmail.com> <4F8FBE09.5070101@FreeBSD.org> <CAERaTk_7zo2D9eiw8eusGDPa%2Bcfsupywja9P088b8frM-%2B8oBA@mail.gmail.com> <1337085591.10656.24.camel@ompc.insign> <CAERaTk-vWWjf_L0y-Vq3CeAuoF2VTBYJR0E0FOCB3ZTHgv4BYQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/15/12 11:05 AM, Svyatoslav Lempert wrote: > So I think we need release a new version without suhosin patch and > check the compatibility of all ports that depend on it (before), and > then when suhosin will appear (if there), then simply add it to the > port. > -1 susosin patch is not a 'compatibility' issue. it is a security issue. I would consider recommending a lang/php54 port, for people who absolutely need it. include the 'WITH_SUHOSIN_PATCH' knob and mark it 'IGNORE' so that anyone who expects the stsndard, default, upward compatible security will be warned against installing this port. leave php5.3 the default lang/php5 for now. wait till suhosin patch is released. use lang/php54 for anyone who absolutely must play with 5.4 (I am still going through pains replacing apache 13 and php5.2 with nginx and php53). don't think I want to /_by default_/ open up a security hole. -- Michael Scheidell, CTO >*| * SECNAP Network Security Corporation d: +1.561.948.2259 w: http://people.freebsd.org/~scheidell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FB2737E.8040005>