Subject: Re: php and audit-packages
To: Joerg Sonnenberger <>
From: D'Arcy J.M. Cain <>
List: tech-pkg
Date: 04/24/2007 08:40:55
On Tue, 24 Apr 2007 13:21:20 +0200
Joerg Sonnenberger <> wrote:
> I'm opposing to remove entries because they can't be fixed. I also don't
> think an entry in the MESSAGE file raises the awareness well enough.
> Sadly enough, enough people are using open_basedir and trusting it...

I agree.  What's the point of advising our users of security holes if
we only warn about the ones that can be fixed?

D'Arcy J.M. Cain <>