Quoting Ken Guest (ken at linux.ie):
> So there are lots of things to say about it - namespaces and late
> static binding in php5.3, training people to write more secure code
> (you can write insecure code in pretty much any language - it's all
> about best practices) and why horrible settings/facilities such as
> register_globals, safe_mode and magic_quotes are fully removed from
> php6.
As someone who hasn't yet played with PHP6, I'd value your comments:
Is there anything new from the PHP6 world that I should add to "PHP" on
http://linuxmafia.com/kb/Security/ ? That's my page of recommended
security-sensitive settings to check in /etc/php?/apache/php.ini,
believed to be fairly comprehensive through PHP5.
Thank you for any improvements.
(Yes, I do need to improve that page, particularly to detail what each
setting is about and what is likely to break.)
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
