protect servers and users of the defects that are recognized or unrecognized
in PHP applications and the PHP core. Suhosin comes in two parts
independent, can be used separately or combined.
Patches and the Suhosin extension can be downloaded at http://www.hardened-php.net/suhosin/download.html
installation
Preparation
If you want to install PHP with Suhosin-Patch you must first
doing some preparatory steps.
Step 1: installation signaturekey hardened-PHP Project
First you grab a copy of darihttp: / / www.harde php.ne ne d-t / d ne harde-
php-signature-key.asc and import it into your keychain GNU Privacy Guard
#> gpg --import < hardened-php-signature-key.asc
gpg: /root/.gnupg/trustdb.gpg: trust-db erzeugt
gpg: key 0A864AA1: public key "Hardened-PHP Signature Key" imported
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg:
gpg: /root/.gnupg/trustdb.gpg: trust-db erzeugt
gpg: key 0A864AA1: public key "Hardened-PHP Signature Key" imported
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg:
importiert: 1
Step 2: download and check the necessary files
Now it's time to grab a copy of the PHP tarball newest and latest version of suhosin-patch. In addition, you must obtain a digital signature (*. sig) files. You can grab all of this in http://www.hardened-php.net/suhosin/download.html
As a first precaution you can check the MD5 hash of the file
download of the people you find on the download page
#> Md5sum php-5.1.4.tar.bz2
66a806161d4a2d3b5153ebe4cd0f2e1c php-5.1.4.tar.bz2
#> Md5sum suhosin-patch-5.1.4-0.9.0.patch.gz
ea9026495c4ce34a329fd0a87474f1ba suhosin-patch-5.1.4-0.9.0.patch.gz
Step 3: Unpacking and Patching
You must now unpack the PHP tarball, gunzip patchfile and then
apply the patch.
#> Tar-xfj php-5.1.4.tar.bz2
#> Gunzip suhosin-patch-5.1.4-0.9.0.patch.gz
#> Cd php-5.1.4
#> Patch-p 1-i ../suhosin-patch-5.1.4-0.9.0.patch
No comments:
Post a Comment