Results 1 to 7 of 7
  1. #1

    Suhosin Extension or Suhosin Patch

    Hello,

    What is the difference between Suhosin Extension and Suhosin Patch?

    http://www.hardened-php.net/suhosin/download.html

    Thanks.

  2. #2
    Join Date
    Apr 2005
    Posts
    1,711
    Installing the Extension

    Unlike the Hardening-Patch for PHP, nearly all of Suhosin´s features are within the extension. Therefore you might want to only install the extension and use a plain unpatched PHP. Depending on the system we might already offer binary packages. You can check our Suhosin Downloads page. In that case you only need to activate the extension inside your php.ini and maybe add Configuration directives if you are not satisfied by the default values.

  3. #3
    For Suhosin-Patch you need to recompile your PHP and for Suhosin-Extension you dont have to, just add Module info and viola! there it is!

  4. #4
    So both do the same job and which one is better?

    Please advise.

  5. #5
    Join Date
    Nov 2002
    Location
    WebHostingTalk
    Posts
    8,878
    * Moved to Technical and Security Issues....

    Sirius
    I support the Human Rights Campaign!
    Moving to the Tampa, Florida area? Check out life in the suburbs in Trinity, Florida.

  6. #6
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Install both... they do different things:

    Suhosin comes in two independent parts, that can be used separately or in combination.
    The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the
    second part is a powerful PHP extension that implements all the other protections.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  7. #7
    Thanks a lot guys. You've been really helpful.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •