[Phpwm] Fw: [USN-261-1] PHP vulnerabilities

David Goodwin david at codepoets.co.uk
Sat Mar 11 14:46:46 GMT 2006

> Most of the extensions can be dynamically linked via the php.ini file. I
> wouldn't put session handling into the category of "optional" though.
> PHP6 is looking interesting as they've already removed register_globals
> and magic_quotes :)


See also http://www.hardened-php.net ; after hearing Christopher Kunz at the phpuk conference it sounds like a good way forward.



More information about the Phpwm mailing list