|
|
Jason | 2012-02-03 17:16:11 |
The security setting that Suhosin are definitely the right way to go, however as a developer it sometimes creates more work to build a custom app that will function correctly under the Suhosin rules.
For example if you are building a custom CMS you must limit the number of input variables in a post array, or Suhosin will silently remove elements from the array. As such your application can behave erratically. There doesn't seem to be any error output, your data is silently dropped. This makes it hard to figure out what the cause is.
This happens quite a bit with PHPMyAdmin which can become very buggy using Suhosin's default rules. On large tables with many fields PHPMyAdmin will throw errors when used in conjunction with Suhosin.
I have a feeling PHPMyAdmin is one of the main reasons why Suhosin has not been adopted offically. Because a default Suhosin install will break PHPMyAdmin.
Anyhow great Blog! Keep posting!
|
|
Stumble It!
Bookmark in del.icio.us
