On Sun, Nov 19, 2006 at 07:55:20PM +0100, Joey Schulze wrote: > I've also taken the liberty to add both drafts and the db application > draft to the list of policy manuals to <http://www.debian.org/devel/> > since developers are searching for these documents and willing to use > them already. Their content should be sufficiently stabilised as > well. In case you don't like this, please let me know and I'll revert > this. > Brilliant, thanks. > Index: Webapps-Policy-Manual-DRAFT.sgml [snip] > + <sect id="security-php">Security measurements Yay! > + <p> > + Include files should not emit any > + output, not even error messages, in > + case they are executed directly or > + exposed in a web-accessible directory. Not sure about this one. Template header and footer files often simply echo() or print() stuff out. Otherwise, looks good :) Webapps policy updated. I'll levae the PHP one for seanus or someone else. Cheers, Neil -- * hermanr feels like a hedgehog having sex...
Attachment:
signature.asc
Description: Digital signature