Re PHP security issues

Document Sample
Re PHP security issues Powered By Docstoc
					                                          Re: PHP security issues?

Re: PHP security issues?

Source: http://linux.derkeiler.com/Mailing−Lists/Debian/2006−04/msg01104.html



      • From: David Clymer <david@xxxxxxxxxxxxxx>
      • Date: Sun, 09 Apr 2006 08:53:38 −0400

On Sat, 2006−04−08 at 21:34 −0700, Marc Shapiro wrote:

        I recently installed php4 (4.3.10−16) since I am about to bite the
        bullet and pay for hosting of my web−site and the hosting service
        (1&1.com) only allows php3, php4, or php5 with its least expensive
        service. I am now going to teach myself php so that I can make use of
        the service if need be. I keep seeing posts, however, about security
        issues with "badly written" php scripts. Can someone point me to some
        info explaining what the security issues are so that I don't end up
        writing scripts that will be a security risk.


I think a PHP mailing list would be the appropriate place for this
question, not debian−user.

For secure programming tips, go to google, type in "writing secure php"
and click "I'm feeling lucky."

If you have to learn a language, you might want to think about using
python−hosting.com or some other place that supports Django
(http://djangoproject.com) and RubyOnRails (http://rubyonrails.org) as
well as PHP. IMHO, PHP is one of the uglier languages out there. These
two frameworks are written in much more beautiful/powerful languages
(python and ruby, respectively), and take care of a lot of the tedium
involved in developing web apps − Django especially.

−davidc
−−
gpg−key: http://www.zettazebra.com/files/key.gpg

Attachment: signature.asc
Description: This is a digitally signed message part




Re: PHP security issues?                                                        1