php suhosin配置
[英]php suhosin configuration
问题描述
Before I did any change to suhosin configuration, 
在对suhosin配置进行任何更改之前,
the logging shows a lot of alerts, 日志显示很多警报,
including variable name length, value length, memory_limit, ASCIIZ null and so on. 包括变量名称长度,值长度,memory_limit,ASCIIZ null等。
So, what I do is to change related suhosin configuration setting. 因此,我要做的是更改相关的suhosin配置设置。
ie increase value length, memory_limit, allow ASCIIZ null and so on. 即增加值的长度,memory_limit,允许ASCIIZ null等。
After resetting, the alerts are reduced a lot. 重置后,警报将大大减少。
However, it still have similar alerts sometimes, ie value length. 但是,有时它仍然具有类似的警报,即值长度。
So, do I need to further increase these suhosin configuration settings? 那么,我是否需要进一步增加这些suhosin配置设置?
1 个解决方案
解决方案1
1 2011-08-06 01:22:00
Suhosin in itself is a very outdated patch which was not really developed further since more than 4 years. Suhosin本身是一个非常过时的补丁,自4年多以后才真正开发出来。 So i suggest, to dont use suhosin and use instead an current php version. 因此,我建议不要使用suhosin,而应使用当前的php版本。
To your Question: If you trust this code to dont misuse the things you allow it, you can/must increase further. 问题:如果您相信此代码不会滥用您允许的内容,则可以/必须进一步增加。 But as security issues because of the named things are very rare (i really never heard about one in the last 6 years, which would be solved throught suhosin. At all there was only one really serious issue inside of php) i suggest to follow the first i wrote. 但是由于由于命名问题引起的安全性问题非常少见(在过去的6年中,我真的从未听说过,可以通过suhosin解决。在php内根本只有一个非常严重的问题),我建议遵循首先,我写了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.