[development] Remove PHP filter by default

Bèr Kessels ber at webschuur.com
Sun Jan 29 16:24:21 UTC 2006


On Sunday 29 January 2006 15:22, Morbus Iff wrote:
> Ugh, holy crap, please no. Let me shoot myself in the foot, but don't
> force me to fucking load an FTP client. I thought this was a content
> management system - if I'm forced to a) write my content in a text
> editor, b) upload it through an FTP program, c) THEN manage it in the
> CMS, Drupal just isn't useful to me anymore.

Content is not PHP. Code is not content. Content is text; PHP is logic. 
Hell, we could probably store the whole of Drupal in the database, and add a 
few small files to eval it.

Why is that not the case? Because we want to maintain a separation between 
logic and code. 

Besides these philosophical reasons, PHP input is just a real big security 
hole. It is not about shooting in your own foot, but about people like Bryght 
etc. handing out guns to let people shoot Bryght in the foot. 
Just for fun: try securing your site by imagining an administrator that you 
do not trust. It's near impossible! That administrator can hardly administer 
anything, because you have to close so many backdoors, all related to PHP 
input, that there is hardly anything left to administer.

Bèr
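The separation Bèr argues for (content stored as text, logic kept in code files, no input format that evaluates the body) can be shown in a few lines. The following is an added illustration, not code from this thread or from Drupal: a minimal content-rendering pipeline whose format registry contains only pure text transformations, plus a check that finds stored content still tagged with a format the registry no longer offers. All function names, format names and the sample records are constructed for the example.

```php
<?php
// Added example (not from the mailing-list thread or from Drupal): content
// is data, code lives in files. Every input format is a list of pure
// string-to-string filters; there is deliberately no format that hands the
// stored body to eval(), so having permission to edit content never
// amounts to permission to execute code. Names are hypothetical.

declare(strict_types=1);

// Registry of input formats. Each filter takes a string and returns a
// string; none of them interprets the body as PHP.
function format_registry(): array
{
    return [
        'plain' => [
            fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8'),
            fn(string $s): string => nl2br($s),
        ],
        // Illustrative only: strip_tags keeps attributes on allowed tags,
        // so a real deployment needs a proper HTML sanitizer here.
        'filtered_html' => [
            fn(string $s): string => strip_tags($s, '<a><em><strong><p><br>'),
        ],
    ];
}

// Render a stored body. A format the registry does not know falls back to
// the most restrictive one rather than failing open.
function render_content(string $body, string $format): string
{
    $registry = format_registry();
    $filters  = $registry[$format] ?? $registry['plain'];
    foreach ($filters as $filter) {
        $body = $filter($body);
    }
    return $body;
}

// Migration check: after a format is removed, content that still carries
// it should be reviewed by a developer and moved into module code, not
// silently rendered. Returns the ids of records whose format is unknown.
function content_with_unknown_format(array $records): array
{
    $known = array_keys(format_registry());
    $ids   = [];
    foreach ($records as $record) {
        if (!in_array($record['format'], $known, true)) {
            $ids[] = $record['id'];
        }
    }
    return $ids;
}

// Constructed sample records standing in for rows of a content table.
$records = [
    ['id' => 1, 'format' => 'plain',
     'body' => "Hello <b>world</b>\nsecond line"],
    ['id' => 2, 'format' => 'filtered_html',
     'body' => '<p>Allowed <script>alert(1)</script> tags only</p>'],
    ['id' => 3, 'format' => 'php',
     'body' => '<?php /* legacy body that expected eval() */ ?>'],
];

foreach ($records as $record) {
    echo $record['id'], ': ', render_content($record['body'], $record['format']), "\n";
}
// Record 3 is rendered as escaped text, never evaluated.

echo 'Needs developer review: ', implode(', ', content_with_unknown_format($records)), "\n";
// Prints "Needs developer review: 3"
```

Running the script shows record 1 with its tags escaped and its newline turned into `<br />`, record 2 with the `<script>` element removed, and record 3 printed as inert text. The last line lists record 3 as the only piece of content that still depends on a format the site no longer provides, which is the review list a site owner needs when the PHP filter is switched off.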

