Results 1 to 3 of 3
  1. #1
    Join Date
    Mar 2004
    Posts
    1,004

    Suhosin patch or extension with zend optimizer

    I have been wondering about the difference between Suhosin Patch and Extension? For example which one of them I should install with PHP 5.2.17 with Xcache 1.3.1 and Zend Optimizer 3.3.0.a? Should it be Suhosin Extension 0.9.32.1? Is Patch version PHP version specific Suhosin Patch 0.9.10 for PHP 5.3.4/5.3.3 and Suhosin Patch 0.9.7 in my case for PHP 5.2.17?

    I also couldnt understand the clear difference between Patch and Extension from security point, how do they differ from each other?

    Suhosin comes in two independent parts, that can be used separately or in combination.
    The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the
    second part is a powerful PHP extension that implements all the other protections.
    Is that correct that according to http://www.hardened-php.net/suhosin/a_feature_list.html
    Patch has all of Extension features + Engine Protection features?
    Best Regards,
    Namesniper

  2. #2
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,261
    You need both if you want to be fully secured. The extension includes a majority of the security features. The patch applies security improvements to the core php binary that the extension cannot do.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  3. #3
    Join Date
    Mar 2004
    Posts
    1,004
    Quote Originally Posted by Steven View Post
    You need both if you want to be fully secured. The extension includes a majority of the security features. The patch applies security improvements to the core php binary that the extension cannot do.
    But at the same time the Patch will most likely cause seg fault for Zend Optimizer/xcache/etc?
    Best Regards,
    Namesniper

  4. Newsletters

    Subscribe Now & Get The WHT Quick Start Guide!

Similar Threads

  1. Zend Optimizer and Extension Manager cPanel Troubles
    By hostchunk in forum Hosting Security and Technology
    Replies: 2
    Last Post: 01-29-2011, 06:14 PM
  2. recompile php with Suhosin Patch
    By Gary4gar in forum Programming Discussion
    Replies: 14
    Last Post: 09-23-2010, 05:00 AM
  3. How do i remove suhosin-0.9.24 extension ?
    By Gazza-t in forum Hosting Security and Technology
    Replies: 3
    Last Post: 12-11-2008, 01:07 PM
  4. Suhosin Extension or Suhosin Patch
    By Costaud in forum Hosting Security and Technology
    Replies: 6
    Last Post: 03-19-2008, 11:17 PM
  5. Zend Optimizer
    By LP560 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 06-26-2005, 08:22 PM

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •