Ubuntu
php5 package

  1. Bug #315507
  2. Comment #27

Comment 27 for bug 315507

Revision history for this message
Ondřej Surý (ondrej) wrote : Re: Unable to remove Suhosin patch

Hi,

just a note. New suhosin patch for 5.3 will be more customizable:

The following environment variables are supported by now:

SUHOSIN_MM_USE_CANARY_PROTECTION
default: 1
Set to 0 to disable canary protection. A copy of the MM will be used that does not have canaries. This is nearly the same as the MM of vanilla PHP.

SUHOSIN_MM_DESTROY_FREE_MEMORY
default: 0
Set to 1 to enable free memory destruction. Every piece of free memory will be overwritten. This allows debugging e.g. use after free memory corruption bugs easier without using a debug PHP.

SUHOSIN_MM_IGNORE_CANARY_VIOLATION
default: 0
Set to 1 stops Suhosin from aborting the process when it detects canary violations. The violations will be logged and the canary restored. It is strongly recommended to NOT use this feature. But it is more secure to use this feature instead of disabling Suhosin completely which happend in the past when people saw canary violation error messages

SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR
default: 0
Set to 1 stops Suhosin from aborting the process when it detects an invalid Hashtable destructor. It is strongly recommended to NOT use this feature.

SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR
default: 0
Set to 1 stops Suhosin from aborting the process when it detects an invalid LinkedList destructor. It is strongly recommended to NOT use this feature.

See http://www.suspekt.org/2009/08/13/suhosin-patch-098-for-php-530-beta-please-test/ for more information.