Chris Shiflett has announced (via the phpsec.org mailing list) a new project to help make PHp installations safer in a simple, easy-to-use package - PHPSecInfo.

Ed Finkler of the PHP Security Consortium has launched a new project to help developers and system administrators audit PHP environments. PHPSecInfo provides a simple-to-use security audit system for the PHP environment, with a look and feel similar to that of the phpinfo() function.

PHPSecInfo currently has a suite of 16 tests. Interested PHP developers are encouraged to propose and write new tests for consideration as well as help refine the existing test suite. You can find contact information for Ed Finkler and any member of the PHP Security Consortium online at http://phpsec.org/contact/.

The development of the project is being partially sponsored by CERIAS at Purdue University. There's an example of the output from the script and a download dated for the beginning of August. Contributions are welcome and accepted, especially in certain areas like documentation, test writing, suggestions, and feedback.