php suhosin configuration
Before I did any change to suhosin configuration,
the logging shows a lot of alerts, including variable name length, value length, memory_limit, ASCIIZ null and so on.So, what I do is to change rela开发者_StackOverflowted suhosin configuration setting.
i.e. increase value length, memory_limit, allow ASCIIZ null and so on.After resetting, the alerts are reduced a lot.
However, it still have similar alerts sometimes, i.e. value length.So, do I need to further increase these suhosin configuration settings?
Suhosin in itself is a very outdated patch which was not really developed further since more than 4 years. So i suggest, to dont use suhosin and use instead an current php version.
To your Question: If you trust this code to dont misuse the things you allow it, you can/must increase further. But as security issues because of the named things are very rare (i really never heard about one in the last 6 years, which would be solved throught suhosin. At all there was only one really serious issue inside of php) i suggest to follow the first i wrote.
精彩评论