diff options
author | Christoph M. Becker <cmbecker69@gmx.de> | 2019-03-11 16:32:16 +0100 |
---|---|---|
committer | Christoph M. Becker <cmbecker69@gmx.de> | 2019-03-11 16:32:16 +0100 |
commit | dd6911550feb1de5feed0f31b102937614df7954 (patch) | |
tree | be59e69cd3c0bc8b78e9e3cdfaaf15179f177702 /php.ini-production | |
parent | 9c0a3b78e85d10a6e4a8a5caea671ce5075b6cdf (diff) | |
parent | aefe0dfd61fa8b1f7e32eaa688f81a76a6956649 (diff) | |
download | php-git-dd6911550feb1de5feed0f31b102937614df7954.tar.gz |
Merge branch 'PHP-7.4'
* PHP-7.4:
SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws
Diffstat (limited to 'php.ini-production')
-rw-r--r-- | php.ini-production | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/php.ini-production b/php.ini-production index be9f3a4eed..1dc30a09f6 100644 --- a/php.ini-production +++ b/php.ini-production @@ -996,8 +996,19 @@ cli_server.color = On ;intl.use_exceptions = 0 [sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir ;sqlite3.extension_dir = +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +sqlite3.defensive = 1 + [Pcre] ; PCRE library backtracking limit. ; http://php.net/pcre.backtrack-limit |