In a Slashdot posting from over the weekend, there's note of a new project looking to taking an agressive approach to secutiry in PHP scripts and the servers they live on.

Yesterday (05.15.04) )the Hardened-PHP Project has announced its existence on the PHP-general mailinglist. It is the first public patch for PHP which adds security hardening features. It is meant as a proactive approach to protect servers against known and unknown weaknesses within PHP scripts or the engine itself. It enforces restrictions on include statements, adds canary protection to allocated memory and other internal structures and protects against internal format string vulnerabilities. It has syslog support and logs every attack together with the originating ip.

Their site has the current download of their software for use with PHP 4.3.6, as well as plenty of documentation on how the system works and how to get it installed.