Is PEAR a security hazard?
in [PEAR]
|
Prev: How do you actually submit a bug report for a pear project?
Next: issues re: installing pyrus by following the onlinemanual
From: Ben Hubbell on 27 Feb 2010 21:50 Hello, My web host does not have PHP's PEAR extension enabled. My web host is inexpensive, but their commitment to costumer service is inconsistent. They often dismiss bug reports as feature requests. When pressed to enable PEAR several years ago, my web host stated that PEAR was a security hazard. Do you know if such a security hazard exists? Regards, Ben
From: Bill Shupp on 27 Feb 2010 21:54 On Feb 27, 2010, at 6:50 PM, Ben Hubbell wrote: > Hello, > > My web host does not have PHP's PEAR extension enabled. My web host is inexpensive, but their commitment to costumer service is inconsistent. They often dismiss bug reports as feature requests. > > When pressed to enable PEAR several years ago, my web host stated that PEAR was a security hazard. Do you know if such a security hazard exists? > > Regards, > > Ben It does not. Individual packages over time may have security issues, but when they are discovered, they are always dealt with swiftly by the QA team. The statement by your web host was simply ill informed. Regards, Bill Shupp
From: Al on 28 Feb 2010 07:25
On 2/27/2010 9:50 PM, Ben Hubbell wrote: > Hello, > > My web host does not have PHP's PEAR extension enabled. My web host is > inexpensive, but their commitment to costumer service is inconsistent. > They often dismiss bug reports as feature requests. > > When pressed to enable PEAR several years ago, my web host stated that > PEAR was a security hazard. Do you know if such a security hazard exists? > > Regards, > > Ben Sounds like you need a new host. There are dozens of good hosts for about $8/$10 per month. I use Network Redux and have been very satisfied with their support. |