summaryrefslogtreecommitdiff
path: root/lang/php53/files/patch-php.ini-production
diff options
context:
space:
mode:
Diffstat (limited to 'lang/php53/files/patch-php.ini-production')
-rw-r--r--lang/php53/files/patch-php.ini-production18
1 files changed, 18 insertions, 0 deletions
diff --git a/lang/php53/files/patch-php.ini-production b/lang/php53/files/patch-php.ini-production
new file mode 100644
index 000000000000..67d3480ad4a6
--- /dev/null
+++ b/lang/php53/files/patch-php.ini-production
@@ -0,0 +1,18 @@
+--- php.ini-production.orig 2009-08-24 17:18:23.000000000 +0200
++++ php.ini-production 2009-08-24 17:18:33.000000000 +0200
+@@ -335,6 +335,15 @@
+
+ ; Safe Mode
+ ; http://php.net/safe-mode
++;
++; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that
++; the PHP Safe Mode feature not be relied upon for security, since the
++; issues Safe Mode tries to handle cannot properly be handled in PHP
++; (primarily due to PHP's use of external libraries). While many bugs
++; in Safe Mode has been fixed it's very likely that more issues exist
++; which allows a user to bypass Safe Mode restrictions.
++; For increased security we always recommend to install the Suhosin
++; extension.
+ safe_mode = Off
+
+ ; By default, Safe Mode does a UID compare check when
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-24 09:47:08 +0000