|
Posted by Chris Shiflett on 08/26/05 08:32
Ian C. McGarvey wrote:
> I have been studying PHP all summer because I wanted to put some
> PHP code on my schools web site. I got to school and went to the
> web design teacher. I asked him if they had installed PHP on their
> server. He said that the district thinks that it would be a HUGE
> security risk and that people at my school would try to hack into
> the server (what bull).
If you want to know why people have this perception, read the first
response you received:
Santosh Jambhlikar wrote:
> PHP HIT BY ANOTHER CRITICAL FLAW
>
> A new security flaw in the PHP Web service protocol used by a
> large number of Web applications could allow attackers to take
> control of vulnerable servers.
This is what people read in the media. Developers write vulnerable code,
and the "blame" gets shared by PHP itself. The end result is that people
think PHP itself is insecure.
Of course, if you ever see a news story that describes PHP as a web
service protocol, you probably want to stop reading immediately. :-)
Chris
--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/
Navigation:
[Reply to this message]
|