-2

I believe I have set up my code quite securely; it validates and cleans user input so it's safe, etc.

So would I need SuHosin? (which is a security addition/patch for PHP)

How does it help me if my code is already secure?
For example, I read that SuHosin helps prevent remote includes, but if my code doesn't use remote includes in the first place, how is that a threat?

Hope4You

1 Answer

8

This boils down to two simple questions:

  1. is one layer of security enough?
  2. is any piece of code ever bug free?

SuHosin provides an additional layer of security, on top of your already secure application, to cover those inevitable instances where you do have gaps in your own code.

No piece of code is 100% secure, because no piece of code is 100% free of bugs, and who knows how those bugs can be exploited.

Additionally, you don't know what bugs or vulnerabilities are present in PHP or the PHP modules you use. SuHosin may protect you from those as well.

In summary,

  1. One layer of security is usually not enough.
  2. No piece of code is ever bug free.

Whether you use it is a personal choice, a mixture of:

  1. what's the impact of exposure on my site?
  2. what's the overhead or complication of using SuHosin?

You trade one against the other: high impact and low overhead = go for it; low impact and high overhead = maybe not bother.

EightBitTony
  • Thanks. `Additionally, you don't know what bugs or vulnerabilities are present in PHP or the PHP modules you use. SuHosin may protect you from those as well.` Can you explain how that's a concern if my script itself is secure? `[Ask] what's the overhead or complication of using SuHosin?` Do you know how difficult it is to use SuHosin? – Hope4You Jun 25 '12 at 18:52
  • 3
    Your script is being executed by PHP; any exploits for PHP may potentially expose your entire server. The second question is too broad for a comment. – EightBitTony Jun 25 '12 at 18:53
  • 2
    Suhosin adds *many* limits to a bunch of various resources (input queries, variable names and contents, hard memory limits, etc.), and making sure that many numbers don't go wild on a production server is a good recipe for *stable* and *predictable* applications. OTOH a few outstanding requests will fail and you might need to push a few limits where it makes sense for you. Most Suhosin (default) limits I've seen crossed were outrageous abuse. – zerodeux Jun 25 '12 at 20:17
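
To make the limits discussed in the comments concrete, here is a `php.ini` fragment added as an illustration; it is not from any of the posters. The directive names are Suhosin's own, while the values are illustrative assumptions to be tuned per application, and the extension path depends on your install.

```ini
; Illustrative Suhosin settings (example values, not recommendations).
extension = suhosin.so

; Roll-out aid: violations are logged as usual but nothing is blocked,
; so you can see which legitimate requests would cross a limit.
; Set to Off to enforce once the logs are clean.
suhosin.simulation = On

; --- include/require protection ---
; With no include whitelist or blacklist configured, Suhosin refuses
; every URL scheme in include/require, so a bug that lets user input
; reach an include cannot turn it into a remote include.
; Number of "../" in an include path that is treated as an attack
; (0 disables the check).
suhosin.executor.include.max_traversal = 4

; --- request limits (the "numbers that don't go wild") ---
; Maximum number of variables accepted per source.
suhosin.get.max_vars = 100
suhosin.post.max_vars = 1000
suhosin.request.max_vars = 1000
; Maximum length of a variable name and of a value.
suhosin.request.max_varname_length = 64
suhosin.get.max_value_length = 512
suhosin.post.max_value_length = 1000000
; Maximum nesting depth of array variables such as a[b][c][...].
suhosin.request.max_array_depth = 50

; --- memory ---
; 0 = a script may not raise memory_limit above the value it started with.
suhosin.memory_limit = 0
```

The "push a few limits where it makes sense" step then amounts to raising only the individual directive that a legitimate request tripped in the log, rather than disabling the extension.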