[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3
Ingo Renner
ingo at typo3.org
Tue Oct 14 14:11:25 CEST 2008
Xavier Perseguers wrote:
Hi Xavier,
> I really do not understand why you are against this @. It really does
> not make sense for me and what BTW is a standard PHP environment?
a default PHP installation from php.net
> Does
> it mean nobody should try to secure his server when using TYPO3?
no, not at all of course! but you need to deal with effects from those
modifications yourself then.
> I have
> a hardened configuration with open_basedir, suhosin and mod_security and
> it simply works great. I do not understand why you would like me to
> lower security just because is_readable() does not take care of handling
> correctly open_basedir restrictions and when a simple @ removing this
> warning would make everybody happy.
Then you should contact the maintainers of the hardened php project and
make them aware opf the issue. Hey, it's still open source and those
people are very likely open to feedback.
best
Ingo
--
Ingo Renner
TYPO3 Core Developer, Release Manager TYPO3 4.2
More information about the TYPO3-team-core
mailing list