suhosin7 icon indicating copy to clipboard operation
suhosin7 copied to clipboard

Published 20 hours ago verified publisher icon sektioneins

Release ETA

Open MBlagui opened this issue 7 years ago • 9 comments

Hi,

Do you have any production grade release for PHP 7? We are using suhosin in Open Source project sentora and been planning to support PHP 7.0 but we can't do that as long we use the old suhosin.

Thanks for the help & support.

MBlagui avatar Jul 31 '17 08:07 MBlagui

We hope to continue active development some time this year. In the meantime, you are welcome to contribute.

bef avatar Aug 07 '17 09:08 bef

Is there anything I can do to help? Not much of a C coder these days, but I have access to many different PHP projects on 7.0 - 7.2 and good experience breaking things

RowdyElectron avatar Nov 11 '17 00:11 RowdyElectron

@bef Do you have clients with PHP7 at SektionEins? I would be nice to release suhosin in production.

szepeviktor avatar Dec 16 '17 23:12 szepeviktor

@MBlagui it seems it works: https://github.com/sektioneins/suhosin7/issues/16

iPublicis avatar Dec 17 '17 23:12 iPublicis

@iPublicis ok I will try to test it but I don't see any official release. We are building an open source project relying on suhosin for sansboxing php but I fear we ship it and we get a lot of bugs on production.

MBlagui avatar Dec 29 '17 17:12 MBlagui

@MBlagui On that point i feel like we need a docker container with this environment, available on a public registry. I've observed that Suhosin is like SELinux/AppArmour; many people just do away with it because it isn't easy to conceptualize (as is any risk since we are humans) and it can just get in the way. @bef Would it make sense that if there were an out-of-the-box solution that we'd see more usage? With a container'd build that has options/settings exposed, this project might get the attention it had.

RowdyElectron avatar Jan 30 '18 19:01 RowdyElectron

@RowdyElectron Thank you for the suggestion. It is not the attention, that this project needs, but rather more time to complete its development. Due to a lot of actual workload in the IT security field, the suhosin7 open source development may need to wait a little longer.

bef avatar Jan 31 '18 09:01 bef

I'm working on updating the installers/testing. For docker once we are able to separate as it should be the server config from the panel it will be easier to manage. I'm focusing more on a clean dev environnement so you can test it easily & give a hand.

MBlagui avatar Feb 05 '18 15:02 MBlagui

Any update yet @bef ??? I’ve been waiting for 1 year..... :( so do other thousands of people out there who use Sentora as their web host manager. Please give some updates. Thanks.

yusha avatar Oct 10 '18 15:10 yusha