Re: Web server security

On Sat, 2 Jun 2007, in the Usenet newsgroup comp.os.linux.security, in article
<slrnf61okb.j5h.syl@xxxxxxxxxxxxxxxxxx>, Sylvain Robitaille wrote:

Moe Trin wrote:

PHP is _so_ easy to abuse.

I know I'm being pedantic, but I think there is an important distinction
to be made:

Poorly written PHP code is an easy target for abuse.

The problem I see is that most PHP is poorly written. People don't want
to take the time to learn the language, and copy the horrendous stuff
that can be found everywhere, without understanding what it's doing, and
how some relatively simple coding problems can be eliminated.

PHP itself is just a language interpretter.

[compton ~]$ ls /var/spool/news/news/mailing/unix/bugtraq/* | wc -l
442
[compton ~]$ grep -l PHP /var/spool/news/news/mailing/unix/bugtraq/* | wc -l
46
[compton ~]$ ^l PHP^liw perl
grep -liw perl /var/spool/news/news/mailing/unix/bugtraq/* | wc -l
10
[compton ~]$ ^perl^ruby
grep -liw ruby /var/spool/news/news/mailing/unix/bugtraq/* | wc -l
4
[compton ~]$ ^ruby^python
grep -liw python /var/spool/news/news/mailing/unix/bugtraq/* | wc -l
10
[compton ~]$

Those other languages were grabbed at ransom. Many of the PHP articles
reflect problems with supplied crap that was written in PHP, rather than
fundamental problems with the language or interpreters.

("mailing.unix.bugtraq" is one of a number of mirrors of the Bugtraq
mailing list carried by news servers. This mirror happens to be from
csie.nctu.edu.tw, but the numbers from the muc.lists.bugtraq group which
is the mirror from "Newsgate at muc.de e.V." are virtually identical. The
442 articles is about a month of the list.)

Old guy
.

Relevant Pages

  • Re: Is this good use of Properties?
    ... VB.NET that you wish the language would have handled it better. ... Overloads can also be inferred by the compiler ... > Find great Windows Forms articles in Windows Forms Tips and Tricks ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: well-written article about Tony Blair
    ... LITUANUS - LITHUANIAN QUARTERLY JOURNAL OF ARTS AND SCIENCES ... The second issue of Au?ra contains two articles, ... Language is a fundamental element of national identity ... the Russian language, begins to push out the native language from ...
    (soc.culture.baltics)
  • Re: Standard GUI Toolkit
    ... Claudio Puviani wrote: ... related to the C++ language, and be pertinent to the global C++ ... In particular, articles pertaining ... Short announcements of new books and events are currently the only ...
    (comp.lang.cpp)
  • Re: Add words in BULK to a custom dictionary
    ... Open the file in Notepad and NOT in Word. ... Do a spell check on the wordlist in Word. ... if you find more articles with words you do not have. ... more that one default, one for every language. ...
    (microsoft.public.word.general)
  • Re: What does the future of computing hold?
    ... articles on the topic. ... someone invents "self-writing specifications". ... language rather than in natural language. ... Progress in software engineering & CS has always ...
    (comp.programming)