[php-maint] Fwd: Bug#521198: php5-suhosin nulls mysql update parameters and allows update to continue
Jan Wagner
waja at cyconet.org
Tue Apr 7 17:48:38 UTC 2009
Hey guys,
any idea how to respond on this "bugreport"?
I personally think:
1. if anybody installes a php security module, the documentation should be
read
2. if the documentation was read, the users are able to set appropriate
settings
3. if anybody don't like to act suhosin and use the simulation mode, this
should be done via ini setting
I agree, that we don't have included any documentation, which is caused by
missing documentation in the upstream tarball and upstream provides the docs
online.
Guessing from the bugreport, I think the cause for the "dataloss" was, that
suhosin blocked the execution of the script, cause the values are to
much/large, which can be adjusted via ini settings. Not checking, if the
values have reasonable content, is not a problem of suhosin, but of the
application. There are many other scenarios (unrelated to suhosin) which can
cause empty values.
Thanks and with kind regards, Jan.
--
Never write mail to <waja at spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE
Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++
------END GEEK CODE BLOCK------
-------------- next part --------------
An embedded message was scrubbed...
From: David <david_debianbugreport at pureflight.ca>
Subject: Bug#521198: php5-suhosin nulls mysql update parameters and allows update to continue
Date: Wed, 25 Mar 2009 10:17:44 -0700
Size: 6191
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20090407/cc4e8002/attachment.eml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20090407/cc4e8002/attachment.pgp>
More information about the pkg-php-maint
mailing list