diff options
author | Christoph M. Becker <cmbecker69@gmx.de> | 2019-03-11 16:28:46 +0100 |
---|---|---|
committer | Christoph M. Becker <cmbecker69@gmx.de> | 2019-03-11 16:30:16 +0100 |
commit | e7ce7c6bb211011569d8036b663bc4ccd45b9984 (patch) | |
tree | 783cad157c6310a1809fcef545e9873703da397a /php.ini-production | |
parent | 6818ca3c022d70bd48ac86df8798aa537245935c (diff) | |
parent | e93259bb23500e26a7b0317cde9ad5398eec074e (diff) | |
download | php-git-e7ce7c6bb211011569d8036b663bc4ccd45b9984.tar.gz |
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws
Diffstat (limited to 'php.ini-production')
-rw-r--r-- | php.ini-production | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/php.ini-production b/php.ini-production index fa09ade786..980e9a8cda 100644 --- a/php.ini-production +++ b/php.ini-production @@ -1011,8 +1011,19 @@ cli_server.color = On ;intl.use_exceptions = 0 [sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir ;sqlite3.extension_dir = +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +sqlite3.defensive = 1 + [Pcre] ; PCRE library backtracking limit. ; http://php.net/pcre.backtrack-limit |