Re: php5 README.Debian.security

To: debian-l10n-english@lists.debian.org, Ondřej Surý <ondrej@sury.org>, Thijs Kinkhorst <thijs@debian.org>
Subject: Re: php5 README.Debian.security
From: Ondřej Surý <ondrej@sury.org>
Date: Wed, 8 Feb 2012 12:45:04 +0100
Message-id: <[🔎] CALjhHG_oL3SAijfve1PFSDNaLW-DR6xe8xcRFKf0fVF+Kbxr=w@mail.gmail.com>
In-reply-to: <[🔎] 20120208102909.GA32288@xibalba.demon.co.uk>
References: <[🔎] CALjhHG9=nMLPqG3sQ=N4fY=-G5utBh1rJ3udfVkJ75444617Sw@mail.gmail.com> <[🔎] 20120208102909.GA32288@xibalba.demon.co.uk>

Hi Justin,

thanks a lot for a quick review.

2012/2/8 Justin B Rye <jbr@edlug.org.uk>:
> More importantly, I assume when it says "code written in the PHP
> language" it means non-packaged end-user code - this could clearer.
> Maybe s/code/user scripts/ ?

I think it means both, e.g. packages in PHP language and user scripts
written in PHP, but I let Thijs to clarify here.

>> - vulnerabilities involving any kind of open_basedir violation, as
>>   this is considered a security model neither by us nor PHP upstream.
>
> More idiomatically:
>    this is not considered a security model either by us or by PHP upstream.
> (but what exactly is the "this" referring back to here?)

 * Vulnerabilities involving any kind of open_basedir violation, as
   this feature is not considered a security model either by us or by
   PHP upstream.

or

 * Vulnerabilities involving any kind of open_basedir violation, as
   open_basedir feature is not considered a security model either by us or by
   PHP upstream.

O.
-- 
Ondřej Surý <ondrej@sury.org>

Reply to:

References:
- php5 README.Debian.security
  - From: Ondřej Surý <ondrej@sury.org>
- Re: php5 README.Debian.security
  - From: Justin B Rye <jbr@edlug.org.uk>

Prev by Date: Re: php5 README.Debian.security
Next by Date: Re: php5 README.Debian.security
Previous by thread: Re: php5 README.Debian.security
Next by thread: Re: php5 README.Debian.security
Index(es):
- Date
- Thread