Package: php5-suhosin
Version: 0.9.31-1
Severity: wishlist
Hello,
we are using the suhosin module on most of our servers and we are happy
with it.
But sometimes it is very annoying on the administrative side, because of
the following:
e.g. employe X comes to me and says, that he wanted to drop 300 tables
about phpmyadmin and it simply does not do it. I am looking in the
error.log and see, that the configured number of e.g. post max vars has
been exceeded. Now I want to increase the limit, so that the employe
could do his job, but I don't know how many variables he is submitting!
So I have to start to increase the limit from 650 to e.g. 6500 and then
I retest it, maybe I have to do some iterations of this process until it
works, this took up some more time AND some more administrators may just
increase the limit to e.g. 6500000 so they are on the "safe" side, and
so on they may deactivate some security options provided by suhosin.
So I wish, that I see in the error log with which count the "attacker"
exceeded the value, it spares time for administrators etc. :)
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: [email protected]
[email protected]
Comment:
Always if we think we are right,
we were maybe wrong.
*/
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
