Q: What is the Suhosin patch for PHP and how does it affect me?
A: Suhosin is a security patch & security module for PHP; it offers some extremely attractive features if you're running a high traffic blog-hosting environment. As cribbed from the longer, better written official feature list:
- Transparent Cookie Encryption
- Optionally disallows Remote URL inclusion
- Optionally disallows inclusion of uploaded files
- Stops directory traversal attacks
- Allows disabling eval()
- Protection against infinite recursion through a configurable maximum execution depth
- Supports per Virtual Host / Directory configureable function black- and whitelists
- Supports a separated function black- and whitelist for evaluated code
- Protects against scripts manipulating their assigned memory limit
- Protects PHP's superglobals against extract() and import_request_vars()
- Adds protection against newline attacks to mail()
- Adds protection against \0 attack on preg_replace()
- Transparent encryption of session data
- Transparent session hijacking protection
- Protection against overlong session identifiers
- Protection against malicious chars in session identifiers
- Ignores GET, POST, COOKIE variables with the following names: GLOBALS, _COOKIE, _ENV, _FILES, _GET, _POST, _REQUEST_SERVER, _SESSION, HTTP_COOKIE_VARS, HTTP_ENV_VARS HTTP_GET_VARS, HTTP_POST_VARS, HTTP_POST_FILES, HTTP_RAW_POST_DATA, HTTP_SERVER_VARS, HTTP_SESSION_VARS
- Allows enforcing limits on REQUEST variables or separated by type (GET, POST, COOKIE)
- Supports a number of variables per request limit, as well as setting maximum length of variable names, array indices, variable values and a maximum depth of arrays
- Automatic banning of uploaded ELF executables
- Automatic banning of uploaded binary files
- Automatic stripping of binary content in uploaded files
- Multiple log devices (syslog, SAPI module error log, external logging script), as well as extending the syslog facility
While this can potentially break a few packages out of the box (phpMyAdmin for example), it's a well understood problem, with several documented solutions. It provides an additional measure of security and stability for virtualhosts and it helps mitigate the possibility of a poorly written script compromising either your uptime or your security.
The benefits of Suhosin are further expanded upon by Brandon Savage in his brief article "The Invisible Hand of PHP," which is an excellent primer if you're interested in a 10,000 foot overview of what Suhosin does.