| 1 |
On Sun, 22 Apr 2012 07:26:19 -0400 |
| 2 |
Anthony G. Basile wrote: |
| 3 |
|
| 4 |
> 3) I agree that hardened should be mostly off by default. Eg. ipv6 is |
| 5 |
> off by default. But as pressure mounts the switch to on by default may |
| 6 |
> have to occur as it has now with unicode and will happen some day with ipv6. |
| 7 |
|
| 8 |
Good stuff. |
| 9 |
|
| 10 |
There was a nasty input sanitisation avoiding bug in PHP that only |
| 11 |
affected linux boxes with unicode enabled terminals. Maybe these bug |
| 12 |
types have something to do with it. |
| 13 |
|
| 14 |
I'd be in two minds, personally I can't remember using unicode on a |
| 15 |
terminal and you could use base64 as a workaround. Many many will use it |
| 16 |
though, so the default should be enabled. |
Archives