Re: Security Diligence
Hi,
On 8 February 2014 16:14, Thomas Hruska <thruska@cubiclesoft.com> wrote:
> On 2/8/2014 7:26 AM, Pierre Joye wrote:
>>
>> Lester, this is not a support list.
>>
>> It is your good right to stick with dead PHP versions and 10 years old
>> code (whether it is your choice or not), but it is definitively not
>> good to constantly posts totally off topic posts, replies or complains
>> about what we do or don't. It is even more annoying in cases where you
>> clearly do not understand the underlying reasons of one feature or
>> another.
>>
>> That being said, I would love to see you actually contribute something
>> for a change.
>
>
> How about giving Lester a hard-and-fast deadline to contribute something
> useful by? (Being sure to clearly define "useful" in the process.) If he
> fails to meet the expectations by the deadline, he gets unceremoniously
> booted off the list.
The guy posed some doubts on the validity of what two RFCs intended to
do in PHP 5.6. It might be off-topic as not being directly linked to
the RFC, but going overboard isn't going to change matters. If you
really want to change someone's habits you need only ignore them ;).
In this case, I responded because drilling some sense of security into
programmers is something I view as important (as my blog attests).
It's worth having a response on the list for the record for anyone
else harbouring unwritten doubts about the efforts of the RFC authors,
but are not keen on airing them. The RFCs do imply some awareness of
security and that's largely unavoidable unless each and every RFC
needs to be a 1000 page masterwork ;).
Paddy
--
Pádraic Brady
http://blog.astrumfutura.com
http://www.survivethedeepend.com
Zend Framework Community Review Team
Zend Framework PHP-FIG Representative
Thread (15 messages)