1 files changed, 12 insertions, 0 deletions
diff --git a/config/detect_dangerous_extensions.rules b/config/detect_dangerous_extensions.rules
new file mode 100644
index 0000000..8f10532
--- /dev/null
+++ b/config/detect_dangerous_extensions.rules
@@ -0,0 +1,12 @@
+## This example rules file shows how to detect and disable certain potentially
+## dangerous or unwanted extensions.
+@condition extension_loaded("runkit7");
+@error "The runkit7 extension can be used to rename classes and functions, thereby circumventing any filters set by Snuffleupagus. Please disable runkit7.";
+@condition extension_loaded("FFI");
+@warning "FFI extension is loaded. Disabling via 'ffi.enable=false'";
+sp.ini_protection.enable();
+sp.ini.key("ffi.enable").set("false").ro();
+@end_condition;

diff --git a/config/detect_dangerous_extensions.rules b/config/detect_dangerous_extensions.rules new file mode 100644 index 0000000..8f10532 --- /dev/null +++ b/config/detect_dangerous_extensions.rules
@@ -0,0 +1,12 @@
	1	## This example rules file shows how to detect and disable certain potentially
	2	## dangerous or unwanted extensions.
	3
	4	@condition extension_loaded("runkit7");
	5	@error "The runkit7 extension can be used to rename classes and functions, thereby circumventing any filters set by Snuffleupagus. Please disable runkit7.";
	6
	7	@condition extension_loaded("FFI");
	8	@warning "FFI extension is loaded. Disabling via 'ffi.enable=false'";
	9	sp.ini_protection.enable();
	10	sp.ini.key("ffi.enable").set("false").ro();
	11	@end_condition;
	12