Hosting Provided By

Re: non-PHP webmail

From: Austin Denyer <adenyer(at)ekn.com>
Date: Tue Jul 31 2007 - 09:57:10 EDT

andrew holway wrote:
> On 29/07/07, Roberto C. Sánchez <roberto@connexer.com> wrote:

>> On Sun, Jul 29, 2007 at 08:45:10AM -0700, Seth Mattinen wrote:
>>> PHP's problems are typically caused by horrible programming practice -
>> Except that such horrible programming practice is *promoted* by the
>> language and its developers?  I mean, register_globals?!?!

>
> Which, since I think V4 has been default off. It is still used to
> great effect on intranets and non web applications.

It's not even an option in PHP6.

>>> such as using variables from user input and assuming PHP will make the
>>> input safe. Based on server logs, Windows still seems to be a very
>>> highly targeted attack vector too. So why make a comment about PHP like
>>> that?

Based on US-CERT reports, C/C++ applications are a very highly targeted attack vector...

> I have found php to be bombproof(especially on debian) as long as the
> security updates are kept up. I think this is the same for everything
> tho.

PHP is like a chainsaw. Very useful in the right hands, and very dangerous in the wrong ones #;-D

Regards,
Austin.

-- 
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


application/pgp-signature attachment: OpenPGP digital signature

Received on Tue Jul 31 09:57:39 2007

This message: [ Message body ]
Next message: Marc Schiffbauer: "iptables conntrack: packets not matching a rule occasionally?"
Previous message: Marcin Sochacki: "Re: Webalizer weirdness"
In reply to: andrew holway: "Re: non-PHP webmail"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Thu Aug 09 2007 - 18:01:48 EDT

Do you need help?