[Mapbender-users] take care - suhosin can effect Mapbender
administration and block requests
Stephan Holl
stephan.holl at intevation.de
Tue Dec 6 06:16:52 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Astrid,
Astrid Emde <astrid.emde at wheregroup.com>, [20111206 - 11:39:20]
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> some of you may have problems saving changes within the Mapbender
> administration. This is not a Mapbender problem. It can be caused by
> Suhosin, as Suhosin defines limits for example for number of POST
> variables, maximum length of arrays or maximum length of values.
>
> What is Suhosin?
> Suhosin is an open source patch for PHP. "The goal behind Suhosin is
> to be a safety net that protects servers from insecure PHP coding
> practices." In some Linux distributions (notably Debian and Ubuntu) it
> is shipped by default.
> http://en.wikipedia.org/wiki/Suhosin
>
> What can you do?
> You can deactivate Suhosin to run the simulation mode:
> suhosin.simulation = on
Isn't it the right way to make Mapbender more secure (speaking of
changing the coding-practice to make it compatible with suhosin) than
disabling the PHP-harden-framework?
/me is confused.
Stephan
- --
Stephan Holl <stephan.holl at intevation.de> | Tel.: +49 (0)541-33 508 3663
Intevation GmbH, Neuer Graben 17, 49074 OS | AG Osnabrück - HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk7d+aQACgkQjVOs3Ksi6lgWRwCfY6dxAwj/P23QwUkA9wOIA725
Mb8An3DIcfolwmE1QwRZ6z7Nfwj++AgW
=zeGc
-----END PGP SIGNATURE-----
More information about the Mapbender_users
mailing list