lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 31 Dec 2006 09:00:23 +1100
From: Kevin Waterson <kevin@...ania.net>
To: bugtraq@...urityfocus.com
Subject: Re: PHP as a secure language? PHP worms? [was: Re: new linux
 malware]

This one time, at band camp, Gadi Evron <ge@...uxbox.org> wrote:

>
> Indeed, the most annoying thing about the PHP worms today is that these 
> PHP vulnerabilities being exploited are everywhere.

These are not PHP vulnerabilities, these are application vulnerabilities.
 

> 2. Developing secure applications in PHP is difficult, as one of PHP's 
> creators said recently - even to him after years of trying.

Who said this? do you have a source?

> 3. Staying on top of new PHP vulnerabilities has become impossible, 
> popping around everywhere.

Application vulnerabilities...
 
kevin

-- 
"Democracy is two wolves and a lamb voting on what to have for lunch. 
Liberty is a well-armed lamb contesting the vote."

Powered by blists - more mailing lists