I have been wondering about the difference between Suhosin Patch and Extension? For example which one of them I should install with PHP 5.2.17 with Xcache 1.3.1 and Zend Optimizer 3.3.0.a? Should it be Suhosin Extension 0.9.32.1? Is Patch version PHP version specific Suhosin Patch 0.9.10 for PHP 5.3.4/5.3.3 and Suhosin Patch 0.9.7 in my case for PHP 5.2.17?
I also couldnt understand the clear difference between Patch and Extension from security point, how do they differ from each other?
Suhosin comes in two independent parts, that can be used separately or in combination.
The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the
second part is a powerful PHP extension that implements all the other protections.
You need both if you want to be fully secured. The extension includes a majority of the security features. The patch applies security improvements to the core php binary that the extension cannot do.
Steven Ciaburri | Proactive Linux Server Management- Rack911.com System Administration Extraordinaire | Follow us on twitter:@Rack911Labs Managed Servers (AS62710), Server Management, and Security Auditing. www.HostingSecList.com - Security notices for the hosting community.