Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 15 May 2012 11:20:33 -0400
From:      Eitan Adler <lists@eitanadler.com>
To:        Michael Scheidell <scheidell@freebsd.org>
Cc:        freebsd-ports@freebsd.org
Subject:   Re: PHP 5.4.0 : lang/php54
Message-ID:  <CAF6rxgkA6u-2TjaTL2uENF5pDW1%2BETuuaOm2MtCEWo-pORr7Rg@mail.gmail.com>
In-Reply-To: <4FB2737E.8040005@FreeBSD.org>
References:  <CAERaTk--Qb4ez2qYOjk51qws_2G0jcj4qZLGdeY-nZV1C3jjHA@mail.gmail.com> <201203112026.30630.subbsd@gmail.com> <4F5DB7C7.6090308@FreeBSD.org> <CAERaTk_F=VWCPqwbac_Oww%2B6iWX0wCgn6NSVXKwJntRaWGYKsQ@mail.gmail.com> <4F8FBE09.5070101@FreeBSD.org> <CAERaTk_7zo2D9eiw8eusGDPa%2Bcfsupywja9P088b8frM-%2B8oBA@mail.gmail.com> <1337085591.10656.24.camel@ompc.insign> <CAERaTk-vWWjf_L0y-Vq3CeAuoF2VTBYJR0E0FOCB3ZTHgv4BYQ@mail.gmail.com> <4FB2737E.8040005@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 15 May 2012 11:17, Michael Scheidell <scheidell@freebsd.org> wrote:
> -1
> susosin patch is not a 'compatibility' issue. =C2=A0it is a security issu=
e.
> I would consider recommending a lang/php54 port, for people who absolutel=
y
> need it. =C2=A0include the 'WITH_SUHOSIN_PATCH' knob and mark it 'IGNORE'=
 so that
> anyone who expects the stsndard, default, upward compatible security will=
 be
> warned against installing this port.
>
> leave php5.3 the default lang/php5 for now. =C2=A0wait till suhosin patch=
 is
> released. =C2=A0use lang/php54 for anyone who absolutely must play with 5=
.4
> (I am still going through pains replacing apache 13 and php5.2 with nginx
> and php53). =C2=A0don't think I want to /_by default_/ open up a security=
 hole.

+1

this is imho the best solution available

--=20
Eitan Adler



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgkA6u-2TjaTL2uENF5pDW1%2BETuuaOm2MtCEWo-pORr7Rg>