1 files changed, 2 insertions, 0 deletions
diff --git a/config/default_php8.rules b/config/default_php8.rules
index 98cc0db..096f033 100644
--- a/config/default_php8.rules
+++ b/config/default_php8.rules
@@ -26,6 +26,8 @@ sp.xxe_protection.enable();
 # PHP has a lot of wrappers, most of them aren't usually useful, you should
 # only enable the ones you're using.
 # sp.wrappers_whitelist.list("file,php,phar");
+# The "php" wrapper can be further filtered
+# sp.wrappers_whitelist.php_list("stdout,stdin,stderr");
 # Prevent sloppy comparisons.
 # sp.sloppy_comparison.enable();

diff --git a/config/default_php8.rules b/config/default_php8.rules index 98cc0db..096f033 100644 --- a/config/default_php8.rules +++ b/config/default_php8.rules
@@ -26,6 +26,8 @@ sp.xxe_protection.enable();
26	# PHP has a lot of wrappers, most of them aren't usually useful, you should	26	# PHP has a lot of wrappers, most of them aren't usually useful, you should
27	# only enable the ones you're using.	27	# only enable the ones you're using.
28	# sp.wrappers_whitelist.list("file,php,phar");	28	# sp.wrappers_whitelist.list("file,php,phar");
		29	# The "php" wrapper can be further filtered
		30	# sp.wrappers_whitelist.php_list("stdout,stdin,stderr");
29		31
30	# Prevent sloppy comparisons.	32	# Prevent sloppy comparisons.
31	# sp.sloppy_comparison.enable();	33	# sp.sloppy_comparison.enable();