hi david, On Fri, Mar 03, 2006 at 09:00:28AM -0600, David Johnson wrote: > The policy document looks great and carefully thought out. We have not > finished our package development and released it yet, so we're not certain. > One question is in regards to PHP configuration. For example our > application requires "register_global" to be turned on in PHP (which has > sufficient security structure in place where this is not a problem for us). > What approach should we take here? i agree with gareth's suggestion that you make sure that your settings are how you need them by overriding them "locally" (in a <Directory> block or in the application itself). sean
Attachment:
signature.asc
Description: Digital signature