SektionEins és l'empresa que ha creat el paquet de seguretat Suhosin. Si hem instal·lat el PHP desde la paqueteria d'Ubuntu, al fer un phpinfo(), segurament veurem que al PHP instal·lat se li ha aplicat el patch de Suhosin, és fàcil de detectar, per les lletres en coreà 수호신 al final de la plana, que ve a ser la traducció de una deïtat guardiana... sí, és la traducció literal, no és cap de les deïtats guardianes que el budisme assigna segons l'any de naixement a la seva parròquia.
 This server is protected with the Suhosin Patch 0.9.6.2Copyright (c) 2006 Hardened-PHP Project |
Així doncs, els ubuntaires ja tenim el PHP preparat de sèrie per al Suhosin i no hem de compilar ni aplicar cap patch.
Per a instal·lar aquesta extensió de PHP, farem
sudo apt-get install php5-suhosin
A /etc/php5/apache2/conf.d/suhosin.ini podrem parametritzar aquest guardià protector.
En properes edicions comentarem alguns dels paràmetres de configuració:
| Directive | Local Value | Master Value |
|---|---|---|
| suhosin.apc_bug_workaround | Off | Off |
| suhosin.cookie.checkraddr | 0 | 0 |
| suhosin.cookie.cryptdocroot | On | On |
| suhosin.cookie.cryptkey | [ protected ] | [ protected ] |
| suhosin.cookie.cryptlist | no value | no value |
| suhosin.cookie.cryptraddr | 0 | 0 |
| suhosin.cookie.cryptua | On | On |
| suhosin.cookie.disallow_nul | 1 | 1 |
| suhosin.cookie.disallow_ws | 1 | 1 |
| suhosin.cookie.encrypt | Off | Off |
| suhosin.cookie.max_array_depth | 50 | 50 |
| suhosin.cookie.max_array_index_length | 64 | 64 |
| suhosin.cookie.max_name_length | 64 | 64 |
| suhosin.cookie.max_totalname_length | 256 | 256 |
| suhosin.cookie.max_value_length | 10000 | 10000 |
| suhosin.cookie.max_vars | 100 | 100 |
| suhosin.cookie.plainlist | no value | no value |
| suhosin.coredump | Off | Off |
| suhosin.disable.display_errors | Off | Off |
| suhosin.executor.allow_symlink | Off | Off |
| suhosin.executor.disable_emodifier | Off | Off |
| suhosin.executor.disable_eval | Off | Off |
| suhosin.executor.eval.blacklist | no value | no value |
| suhosin.executor.eval.whitelist | no value | no value |
| suhosin.executor.func.blacklist | no value | no value |
| suhosin.executor.func.whitelist | no value | no value |
| suhosin.executor.include.blacklist | no value | no value |
| suhosin.executor.include.max_traversal | 0 | 0 |
| suhosin.executor.include.whitelist | no value | no value |
| suhosin.executor.max_depth | 0 | 0 |
| suhosin.filter.action | no value | no value |
| suhosin.get.disallow_nul | 1 | 1 |
| suhosin.get.disallow_ws | 0 | 0 |
| suhosin.get.max_array_depth | 50 | 50 |
| suhosin.get.max_array_index_length | 64 | 64 |
| suhosin.get.max_name_length | 64 | 64 |
| suhosin.get.max_totalname_length | 256 | 256 |
| suhosin.get.max_value_length | 512 | 512 |
| suhosin.get.max_vars | 100 | 100 |
| suhosin.mail.protect | 0 | 0 |
| suhosin.memory_limit | 0 | 0 |
| suhosin.mt_srand.ignore | On | On |
| suhosin.multiheader | Off | Off |
| suhosin.perdir | 0 | 0 |
| suhosin.post.disallow_nul | 1 | 1 |
| suhosin.post.disallow_ws | 0 | 0 |
| suhosin.post.max_array_depth | 50 | 50 |
| suhosin.post.max_array_index_length | 64 | 64 |
| suhosin.post.max_name_length | 64 | 64 |
| suhosin.post.max_totalname_length | 256 | 256 |
| suhosin.post.max_value_length | 65000 | 65000 |
| suhosin.post.max_vars | 200 | 200 |
| suhosin.protectkey | On | On |
| suhosin.request.disallow_nul | 1 | 1 |
| suhosin.request.disallow_ws | 0 | 0 |
| suhosin.request.max_array_depth | 50 | 50 |
| suhosin.request.max_array_index_length | 64 | 64 |
| suhosin.request.max_totalname_length | 256 | 256 |
| suhosin.request.max_value_length | 65000 | 65000 |
| suhosin.request.max_varname_length | 64 | 64 |
| suhosin.request.max_vars | 200 | 200 |
| suhosin.server.encode | On | On |
| suhosin.server.strip | On | On |
| suhosin.session.checkraddr | 0 | 0 |
| suhosin.session.cryptdocroot | On | On |
| suhosin.session.cryptkey | [ protected ] | [ protected ] |
| suhosin.session.cryptraddr | 0 | 0 |
| suhosin.session.cryptua | On | On |
| suhosin.session.encrypt | On | On |
| suhosin.session.max_id_length | 128 | 128 |
| suhosin.simulation | Off | Off |
| suhosin.sql.bailout_on_error | Off | Off |
| suhosin.sql.comment | 0 | 0 |
| suhosin.sql.multiselect | 0 | 0 |
| suhosin.sql.opencomment | 0 | 0 |
| suhosin.sql.union | 0 | 0 |
| suhosin.sql.user_postfix | no value | no value |
| suhosin.sql.user_prefix | no value | no value |
| suhosin.srand.ignore | On | On |
| suhosin.stealth | On | On |
| suhosin.upload.disallow_binary | 0 | 0 |
| suhosin.upload.disallow_elf | 1 | 1 |
| suhosin.upload.max_uploads | 25 | 25 |
| suhosin.upload.remove_binary | 0 | 0 |
| suhosin.upload.verification_script | no value | no value |
