-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Mitchell wrote: > As a user, I wanted to throw my two cents in. Our security administrator > _is_ considering this particular fix to be critical, and has made it a > required patch. While it's true that this particular fix is protecting > against poorly written PHP scripts, it also appears to be the case that > such poorly written software is fairly common and is being actively > targeted. I also think that with this patch in PHP itself, there will be > a lot less pressure for any of the packages which employ unsafe variable > handling to actually get fixed. I know that I personally don't have a > lot of say on the matter, but it would be nice if the patched version > was released sooner. Thanks for your time.
You can always turn off register_globals in you php.ini. register_globals = Off is a recommended setting anyway. Regards, Christian Stadler -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDkIcC9250Hcbf/3IRArrOAJwMks6Iifcri/wNEkgEsGmt5jt4dwCcDqm2 epwlnPWFlDF6MiTfeTd1SFM= =nGgv -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
