Update of the php.ini-paranoid example file (was Re: ping22: can not kill this process)

From: Javier Fernández-Sanguino Peña <jfs(at)computer.org>
Date: Mon Jan 07 2008 - 18:16:05 EST


On Fri, Jan 04, 2008 at 12:41:55PM -0600, Raphael Geissert wrote:
> Rick Moen wrote:
> >
> > disable_functions = dl, phpinfo, system, mail, include, shell_exec, exec,
>
> include()? I don't want to imagine how many scripts will break.

You are right, I have removed this from the list. The use of 'include' is really common in applications.

Actually, the php.ini-paranoid file was created in October 2004 and has not been amended since. I have reviewed the file to update it with the latest PHP5 release php.ini-dist contents and have also added new values (and details) which were not available in the previous version.

Attached is the latest version of this configuration file I have concocted. I would appreciate it if people running PHP applications could test it out and comment on it. As I've said before (and now the script documents that too) it is easy to see the differences with the one provided in standard Debian installations by diffing it.

Hope that helps.

Javier

Received on Mon Jan 7 18:17:48 2008
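
The comparison the message suggests, diffing a hardened php.ini against the distribution default, as an added example that is not part of the original post or of the Debian package. Both ini texts are constructed samples and all function names are hypothetical; the check for language constructs relies on the fact that PHP's `disable_functions` only applies to internal functions, so an entry such as `include` has no effect.

```python
# Added example. Both ini texts are constructed samples, not the real Debian files.
DEFAULT_INI = """\
[PHP]
expose_php = On
allow_url_fopen = On
disable_functions =
"""
HARDENED_INI = """\
[PHP]
expose_php = Off   ; trailing comment
allow_url_fopen = Off
disable_functions = dl, phpinfo, system, mail, include, shell_exec, exec
"""
# Language constructs, not functions: disable_functions cannot block these.
CONSTRUCTS = {"include", "include_once", "require", "require_once", "eval", "echo"}

def parse_ini(text):
    """Return {directive: value}, skipping comments, blanks and [section] lines."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        key, sep, value = line.partition("=")
        if not line or line[0] in ";#[" or not sep:
            continue
        value = value.strip()
        if value.startswith('"'):            # quoted value may contain ';'
            value = value[1:].split('"', 1)[0]
        else:                                # unquoted: ';' starts a comment
            value = value.split(";", 1)[0].strip()
        settings[key.strip()] = value
    return settings

def as_set(value):
    return {item.strip() for item in (value or "").split(",") if item.strip()}

def compare(default_text, hardened_text):
    """Return {directive: (default, hardened)} for each directive that differs."""
    old, new = parse_ini(default_text), parse_ini(hardened_text)
    changes = {}
    for key in sorted(set(old) | set(new)):
        a, b = old.get(key), new.get(key)
        if key == "disable_functions":       # order-insensitive list comparison
            a, b = sorted(as_set(a)), sorted(as_set(b))
        if a != b:
            changes[key] = (a, b)
    return changes

def ineffective_entries(ini_text):
    return sorted(as_set(parse_ini(ini_text).get("disable_functions")) & CONSTRUCTS)
```

Unlike a line-based diff, this ignores comments and entry order, so only directives whose effective value changed are reported.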

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:55:05 EDT