wahnsinn’s avatarwahnsinn’s Twitter Archive—№ 9,963

    1. …in reply to @t3easy_de
      @t3easy_de @xitnelat I do not think, a hard coded allowlist would be practically. The most hosting environments in professional area do not have any disabled_functions. On the other hand the install tool does not know, which functions are used anywhere in the installed packages and extensions. 1/2
      Permalink On twitter.com Twitter logo wahnsinn’s avatar Mood -1 🙁
  1. …in reply to @wahnsinn
    @t3easy_de @xitnelat And what, if a (core or extension) developer will introduce one of those functions in the future? My idea would be an allowlist $GLOBALS['TYPO3_CONF_VARS'], so an experienced admin, who knows what he does, can add harmless functions to that list. 2/2
    On twitter.com Twitter logo wahnsinn’s avatar Mood 0
    1. …in reply to @wahnsinn
      @t3easy_de @xitnelat But one question remains: Completely mute information for the allowed disable_functions or still generate warnings instead of errors? 🤔
      Permalink On twitter.com Twitter logo wahnsinn’s avatar Mood -5 🙁