Re: [Concept] Flip relative function lookup order (global, then local)

From:	John Coggeshall	Date:	Wed, 21 Aug 2024 18:02:11 +0000
Subject:	Re: [Concept] Flip relative function lookup order (global, then local)
References:	1	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On Aug 21 2024, at 8:03 am, Rob Landers <[email protected]> wrote:
>
> If this is an attack vector for your application, then fully qualified names is the way to go
> (WordPress does this nearly everywhere, for example).
This is an attack vector for every application and I would argue should be a real concern for the
vast majority of applications out there -- any which rely on namespace-based frameworks and composer
packages from untrustworthy sources. It's not just Wordpress -- literally every single PHP
application that uses a publicly available framework and consumes external composer packages should
be FQing their internal function calls. The natural behavior of the language shouldn't be the
insecure way of doing things for the sake of maintaining BC compatibility with existing, insecure,
code.
Cheers,
John


   

Thread (112 messages)

• Ilija ToviloFri, 02 Aug 2024 16:51:33 +0000
  • Rob LandersFri, 02 Aug 2024 17:08:36 +0000
    • Ilija ToviloSun, 04 Aug 2024 17:41:17 +0000
      • Alexandru PătrănescuTue, 20 Aug 2024 08:01:10 +0000
        • Nick LockheartTue, 20 Aug 2024 08:41:23 +0000
          • Rob LandersTue, 20 Aug 2024 09:01:34 +0000
        • Levi MorrisonTue, 20 Aug 2024 15:14:05 +0000
          • Ilija ToviloTue, 20 Aug 2024 17:04:39 +0000
            • Faizan Akram DarTue, 20 Aug 2024 21:56:50 +0000
              • Rob LandersTue, 20 Aug 2024 22:20:51 +0000
          • Christian SchneiderWed, 21 Aug 2024 02:24:00 +0000
            • Levi MorrisonWed, 21 Aug 2024 06:05:49 +0000
            • Faizan Akram DarWed, 21 Aug 2024 07:44:10 +0000
              • Christian SchneiderWed, 21 Aug 2024 09:22:40 +0000
      • Rowan Tommins [IMSoP]Thu, 22 Aug 2024 21:32:13 +0000
        • Mike SchinkelThu, 22 Aug 2024 23:15:19 +0000
          • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 06:39:41 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
            • Nick LockheartFri, 23 Aug 2024 07:27:39 +0000Re: [Concept] Flip relative function lookup order (global, then local)
              • Rob LandersFri, 23 Aug 2024 07:46:47 +0000
                • Nick LockheartFri, 23 Aug 2024 08:08:25 +0000
                  • Rob LandersFri, 23 Aug 2024 09:13:39 +0000
                    • Nick LockheartFri, 23 Aug 2024 09:34:06 +0000
                      • Christian SchneiderFri, 23 Aug 2024 10:14:28 +0000
                        • Rob LandersFri, 23 Aug 2024 10:27:21 +0000
                          • Christian SchneiderFri, 23 Aug 2024 12:56:21 +0000
                            • Rob LandersFri, 23 Aug 2024 13:16:19 +0000
                            • Mike SchinkelFri, 23 Aug 2024 13:44:39 +0000
                  • Mike SchinkelFri, 23 Aug 2024 11:52:01 +0000
                    • Christoph M. BeckerFri, 23 Aug 2024 12:13:44 +0000Re: [Concept] Flip relative function lookup order (global,then local)
                  • Stephen ReayFri, 23 Aug 2024 13:18:50 +0000
              • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 08:52:28 +0000
            • Mike SchinkelFri, 23 Aug 2024 11:29:04 +0000Re: [Concept] Flip relative function lookup order (global, then local)
              • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 11:50:10 +0000
                • Mike SchinkelFri, 23 Aug 2024 12:04:22 +0000
                  • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 12:33:45 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
                    • Mike SchinkelFri, 23 Aug 2024 12:45:38 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                      • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 13:07:14 +0000
                        • Mike SchinkelFri, 23 Aug 2024 13:28:33 +0000
        • Nick LockheartFri, 23 Aug 2024 00:42:38 +0000
          • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 08:16:26 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
            • Nick LockheartFri, 23 Aug 2024 09:27:20 +0000Re: [Concept] Flip relative function lookup order (global, then local)
              • Rob LandersFri, 23 Aug 2024 12:16:57 +0000
                • Rob LandersFri, 23 Aug 2024 12:23:11 +0000
            • Stephen ReayFri, 23 Aug 2024 09:58:02 +0000Re: [Concept] Flip relative function lookup order (global, then local)
              • Paul DragoonisFri, 23 Aug 2024 10:19:30 +0000
              • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 10:29:32 +0000
                • Stephen ReayFri, 23 Aug 2024 12:43:58 +0000
                  • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 13:20:55 +0000
                    • Stephen ReayFri, 23 Aug 2024 14:04:32 +0000
                      • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 15:49:37 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
                        • John CoggeshallFri, 23 Aug 2024 16:13:52 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                          • Stephen ReayFri, 23 Aug 2024 16:35:02 +0000
                            • John CoggeshallFri, 23 Aug 2024 17:10:48 +0000
                              • John CoggeshallFri, 23 Aug 2024 17:13:00 +0000
                        • Stephen ReayFri, 23 Aug 2024 16:27:35 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                          • John CoggeshallFri, 23 Aug 2024 16:56:32 +0000
                            • Stephen ReayFri, 23 Aug 2024 17:46:48 +0000
                              • John CoggeshallFri, 23 Aug 2024 18:37:39 +0000
                                • Stephen ReayFri, 23 Aug 2024 19:28:01 +0000
                        • Ilija ToviloFri, 23 Aug 2024 17:32:41 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                          • Stephen ReayFri, 23 Aug 2024 18:10:44 +0000
                            • Ilija ToviloFri, 23 Aug 2024 18:17:03 +0000
                              • Stephen ReaySat, 24 Aug 2024 11:54:09 +0000
                                • Ilija ToviloSat, 24 Aug 2024 17:01:48 +0000
                                  • Stephen ReaySat, 24 Aug 2024 18:16:13 +0000
                                    • Rob LandersSat, 24 Aug 2024 20:36:43 +0000
                                    • Rowan Tommins [IMSoP]Sat, 24 Aug 2024 22:58:16 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
                                      • Rob LandersSat, 24 Aug 2024 23:15:17 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                                      • Stephen ReaySun, 25 Aug 2024 05:27:41 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                          • John CoggeshallFri, 23 Aug 2024 18:19:26 +0000
                            • Ilija ToviloFri, 23 Aug 2024 18:21:27 +0000
                              • Mike SchinkelSun, 25 Aug 2024 02:23:20 +0000
                          • Rob LandersFri, 23 Aug 2024 18:19:49 +0000
                          • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 19:41:41 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
                            • John CoggeshallFri, 23 Aug 2024 19:47:01 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                            • Rob LandersFri, 23 Aug 2024 19:50:05 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                              • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 20:03:15 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
                            • Ilija ToviloFri, 23 Aug 2024 21:57:12 +0000Re: [Concept] Flip relative function lookup order (global, then local)
                              • Rob LandersSat, 24 Aug 2024 09:00:13 +0000
                                • Rob LandersSat, 24 Aug 2024 09:09:27 +0000
                                  • Stephen ReaySat, 24 Aug 2024 11:59:45 +0000
                                    • Rob LandersSat, 24 Aug 2024 12:32:28 +0000
                                    • Ilija ToviloSat, 24 Aug 2024 16:34:41 +0000
                                      • Stephen ReaySat, 24 Aug 2024 17:11:35 +0000
                                      • Rob LandersSat, 24 Aug 2024 20:26:26 +0000
              • Rowan Tommins [IMSoP]Fri, 23 Aug 2024 11:28:13 +0000
  • Rob LandersFri, 02 Aug 2024 17:14:56 +0000
  • Nick LockheartFri, 02 Aug 2024 17:19:41 +0000
    • Rowan Tommins [IMSoP]Fri, 02 Aug 2024 17:53:50 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
      • Nick LockheartFri, 02 Aug 2024 18:46:03 +0000Re: [Concept] Flip relative function lookup order (global, then local)
        • Rowan Tommins [IMSoP]Fri, 02 Aug 2024 20:30:42 +0000Re: [Concept] Flip relative fu nction lookup order (global, then local)
  • Thomas NunningerFri, 02 Aug 2024 17:49:54 +0000
  • Claude PacheFri, 02 Aug 2024 19:01:47 +0000
    • Ilija ToviloSun, 04 Aug 2024 17:53:11 +0000
      • Nick LockheartSun, 04 Aug 2024 18:07:27 +0000
  • BilgeFri, 02 Aug 2024 20:37:23 +0000
    • Nick LockheartFri, 02 Aug 2024 22:00:33 +0000
      • Christoph M. BeckerFri, 02 Aug 2024 22:48:27 +0000Re: [Concept] Flip relative function lookup order(global, then local)
      • DeleuFri, 02 Aug 2024 22:48:38 +0000
        • Nick LockheartSun, 04 Aug 2024 06:19:18 +0000Request for RFC Karma
          • Christoph M. BeckerSun, 04 Aug 2024 09:52:30 +0000
      • Rowan Tommins [IMSoP]Thu, 22 Aug 2024 21:40:45 +0000
    • John CoggeshallWed, 21 Aug 2024 08:23:13 +0000
      • Rob LandersWed, 21 Aug 2024 12:03:57 +0000
        • John CoggeshallWed, 21 Aug 2024 18:02:11 +0000
          • Ilija ToviloWed, 21 Aug 2024 18:10:50 +0000
            • John CoggeshallWed, 21 Aug 2024 18:32:55 +0000
              • John CoggeshallWed, 21 Aug 2024 18:35:29 +0000
              • Rob LandersThu, 22 Aug 2024 08:09:52 +0000
                • John CoggeshallThu, 22 Aug 2024 17:56:30 +0000
  • Derick RethansMon, 05 Aug 2024 11:23:50 +0000
    • Ilija ToviloMon, 05 Aug 2024 13:15:46 +0000