| -rw-r--r-- | config/default_php8.rules | 4 |
1 files changed, 3 insertions, 1 deletions
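--- a/config/default_php8.rules
+++ b/config/default_php8.rules
@@ -39,7 +39,9 @@ sp.disable_function.function("chmod").param("permissions").value("438").drop();
 sp.disable_function.function("chmod").param("permissions").value("511").drop();
 
 # Prevent various `mail`-related vulnerabilities
-sp.disable_function.function("mail").param("additional_parameters").value_r("\\-").drop();
+# Uncommend the second rule if you're using php8.3+
+#sp.disable_function.function("mail").param("additional_parameters").value_r("\\-").drop();
+#sp.disable_function.function("mail").param("additional_params").value_r("\\-").drop();
 
 # Since it's now burned, me might as well mitigate it publicly
 sp.disable_function.function("putenv").param("assignment").value_r("LD_").drop()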
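Review bot: As rendered here, both `mail` rules on new lines 43 and 44 start with `#`, so this default rule set would no longer drop `mail()` calls whose extra-parameters argument contains `-` on any PHP version. The comment on new line 42 says to uncomment the second rule for php8.3+, which implies the first rule is meant to stay active. If so, new line 43 should stay uncommented as `sp.disable_function.function("mail").param("additional_parameters").value_r("\\-").drop();`, with only the `additional_params` variant left commented. The comment should read `# Uncomment the second rule if you're using php8.3+`, and it would help to state which parameter name matches which PHP versions, so an operator can tell whether the active rule actually matches on their runtime.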
