We recently came across a PHP hardener called Suhosin installed on one of the PROD servers: http://www.hardened-php.net/suhosin/
Briefly, what it does:
"Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against buffer overflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
On the PROD server we experienced an issue with memory limits: when we set the memory limit to 50M at the beginning of the script and then try to change it to "unlimited" with a value of -1 (for image resizing in Image Helper), it is still set to 50M. Below is the test case from that server:
    ini_set('display_errors', 1);
    error_reporting(E_ALL);
    echo 'suhosin.memory_limit = ' . ini_get('suhosin.memory_limit') . '<br/>';
    ini_set('memory_limit', '50M');
    ini_set('memory_limit', -1);
    echo 'ML: memory_limit = ' . ini_get('memory_limit') . '<br/>';
In general, Suhosin would only allow the memory limit to be set to what it has in its own settings.
I believe we should change our default 50M memory limit in init.php to be set to 128M. Additionally, we have another discussion where we want the ability to set a custom memory limit from the template.
What are your thoughts on this?
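
As an added example (not part of the original post or the project's code), one way for image-resizing code to cope with the behaviour described above is to check which memory_limit is actually in effect after ini_set() instead of assuming the change was accepted. The function names and the 4-bytes-per-pixel estimate are assumptions made for illustration.

```php
<?php
// Added example; function names are hypothetical, not from the project.

// Convert php.ini shorthand ("50M", "1G", "-1") to bytes; -1 means unlimited.
function ini_size_to_bytes($value)
{
    $value = trim((string) $value);
    $number = (int) $value;
    if ($number < 0) {
        return -1;
    }
    switch (strtoupper(substr($value, -1))) {
        case 'G': $number *= 1024; // fall through
        case 'M': $number *= 1024; // fall through
        case 'K': $number *= 1024;
    }
    return $number;
}

// Request a new memory_limit and report what is really in effect afterwards,
// instead of assuming ini_set() was honoured.
function request_memory_limit($wanted)
{
    $before = ini_get('memory_limit');
    @ini_set('memory_limit', (string) $wanted); // a hardener may refuse this
    $after = ini_get('memory_limit');
    return array(
        'before'      => $before,
        'effective'   => $after,
        'granted'     => ini_size_to_bytes($after) === ini_size_to_bytes($wanted),
        // false when the Suhosin extension is not loaded
        'suhosin_cap' => ini_get('suhosin.memory_limit'),
    );
}

// True when $needed bytes fit under the limit currently in effect.
function has_memory_headroom($needed)
{
    $limit = ini_size_to_bytes(ini_get('memory_limit'));
    return $limit === -1 || ($limit - memory_get_usage(true)) >= $needed;
}

ini_set('memory_limit', '50M');
$r = request_memory_limit(-1);
if (!$r['granted']) {
    error_log("memory_limit still {$r['effective']}, suhosin.memory_limit = "
        . var_export($r['suhosin_cap'], true));
}
// Constructed figure: a 4000x3000 image at an assumed 4 bytes per pixel.
if (!has_memory_headroom(4000 * 3000 * 4)) {
    echo "Skipping resize: not enough memory under the current limit\n";
}
```

On a server where the request is refused, the script logs the limit that stayed in force and skips the resize rather than failing with a fatal out-of-memory error.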