Re: Re: [Mapbender-us =?ISO-8859-1?Q?ers] take care - suho?= sin can effect Mapbender administration an =?ISO-8859-1?Q?d block requests?=

[christoph at baudson.de]

Hi,

I think the solution proposed by Astrid is a workaround for Mapbender
2.x. In Mapbender 3, communicating with the server will work
differently.

Christoph


Am 06.12.2011 um  Uhr haben Sie geschrieben:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello Astrid,
>
> Astrid Emde <astrid.emde at wheregroup.com>, [20111206 - 11:39:20]
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hello,
> >
> > some of you may have problems saving changes within the Mapbender
> > administration. This is not a Mapbender problem. It can be caused by
> > Suhosin, as Suhosin defines limits for example for number of POST
> > variables, maximum length of arrays or maximum length of values.
> >
> > What is Suhosin?
> > Suhosin is an open source patch for PHP. "The goal behind Suhosin is
> > to be a safety net that protects servers from insecure PHP coding
> > practices." In some Linux distributions (notably Debian and Ubuntu)
it
> > is shipped by default.
> > http://en.wikipedia.org/wiki/Suhosin
> >
> > What can you do?
> > You can deactivate Suhosin to run the simulation mode:
> >  suhosin.simulation = on
>
> Isn't it the right way to make Mapbender more secure (speaking of
> changing the coding-practice to make it compatible with suhosin) than
> disabling the PHP-harden-framework?
>
> /me is confused.
>
> 	Stephan
>
> - --
> Stephan Holl <stephan.holl at intevation.de> | Tel.: +49 (0)541-33 508
3663
> Intevation GmbH, Neuer Graben 17, 49074 OS  |  AG Osnabrück - HR B
18998
> Geschäftsführer:  Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver
Wagner
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEARECAAYFAk7d+aQACgkQjVOs3Ksi6lgWRwCfY6dxAwj/P23QwUkA9wOIA725
> Mb8An3DIcfolwmE1QwRZ6z7Nfwj++AgW
> =zeGc
> -----END PGP SIGNATURE-----
>
>