The [phpsec] Mailing List

Welcome to the [phpsec] mailing list main page.

[phpsec] is a mailing list dedicated to the security of PHP and its related applications. Our goal is to maintain an early-warning system through which developers, systems administrators and researches can discuss and exchange information about maintaining PHP, PHP applications and PHP systems secure.

[phpsec] is a moderated mailing list. This allows us to keep the signal-to-noise ratio as high as possible. Messages that will reach the list include:

Announcements of new security products relevant to PHP
Reports of publicly-known security issues related to PHP or PHP applications
Requests/discussions on PHP security (e.g.: setup, installation and maintenance)
Requests/discussions on PHP security in application development

Examples of messages that will not reach the list include:

General PHP help problems
PHP programming questions unrelated to security
Reports of exploits or other security holes of which the appropriate maintainers have not yet been made aware
Messages that are generally off-topic, commercial in nature, personal attacks, profanity and otherwise offensive material. These will be immediately moderated off the list.

Privacy Policy

The goal of this list is to keep us all informed about security, not to spam. Therefore, we have decided to implement a very simple privacy policy:

All messages coming from the list have the identifier [phpsec] in the subject
We will not send purely commercial messages to the list (paid *or* unpaid). The only exception to this rule are announcements of new security products and small commercial messages from our sponsors that are added below the signature line.
We will not sell access to the list to any third party for any reason (except, of course, for messages posted to the list that are relevant and on-topic, such as security announcements).