[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PHP security (or the lack thereof)

To: "Darren Reed" <avalon@xxxxxxxxxxxxxxxxxxx>
Subject: Re: PHP security (or the lack thereof)
From: "Bojan Zdrnja" <bojan.zdrnja@xxxxxxxxx>
Date: Sat, 17 Jun 2006 11:06:03 +1200

On 6/16/06, Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx> wrote:


From my own mail archives, PHP appears to make up at least 4%
of the email to bugtraq I see - or over 1000 issues since 1995,
out of the 25,000 I have saved.

People complain about applications like sendmail...in the same
period, it has been resopnsible for less than 200.

Do we have a new contender for worst security offender ever
written ?


Well, PHP is a programming language and Sendmail is an application -
I'd say you are comparing apples and oranges here.

If you really want to compare applications, take phpBB for example
(which is the winner in this case), but I don't think it makes much
sense looking for a new contender for worst security offender ever
written ...

Bojan

Follow-Ups:
- Re: PHP security (or the lack thereof)
  - From: Jessica Hope

References:
- PHP security (or the lack thereof)
  - From: Darren Reed

Prev by Date: GreatDomains.com - XSS with cookie disclosure
Next by Date: Re: PHP security (or the lack thereof)
Previous by thread: PHP security (or the lack thereof)
Next by thread: Re: PHP security (or the lack thereof)
Index(es):
- Date
- Thread