|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware]
From: Kevin Waterson (kevin
oceania.net)
Date: Mon Jan 01 2007 - 21:45:27 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This one time, at band camp, Chad Maron <chadsimianworks.net> wrote:
> As far as I'm concerned, PHP is one of the better languages out there it's just that lazy and incompetent pseudo-developers get their hands on tutorial code and copy-paste it into oblivion.
agreed, however PHP core Developers will often overlook the PHP communities
cries for security tools to implement secure practises.
The filter extension goes a long way to addressing this, but still we see issues
such as deprecated extensions like the Mimetype Functions that leave a gaping hole
in validation of file types without installing extra's from PECL (FileInfo) which is
not always available to the person, particularly in a shared hosting environment.
--
"Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb contesting the vote."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]