Some hosts didn't even bother with this. I used a PHP host who ran another script after serving the hosted one, but it you used `die()` you could skip any other fluff they included.
I'm interested to know how others feel about browsing through random issues on some open-source project like this out of boredom. As someone who struggles finding the time to commit to entire features in my spare time, knowing there are lurkers who could piece together a PR from commits to abandoned forks or getting intouch with developers on discord (for example) is quite inspiring!
Absolutely correct. Although this was intentional behaviour, it was given a security advisory[1]. In practice it allowed all sorts of exploits, including dumping packed executables for cracking, as you say.
I've always wanted to find time looking at recompiling the Xbox Live Arcade (XBLA) titles from the 360 to Windows. The games are just dotNET applications which run against a variation of the standard libraries.