On 20 Jan 2003, Sayamindu Dasgupta wrote: > Be prepared for > > I have read about the possible security issues with PHP in many > websites. Could you please shed some light on that ?
PHP is not a 'full featured' language like PERL or Python, but was designed to operate as server-side scripting in a web environment. Beyond the basic security that this design gives you, it also has a 'safe mode' which disallows server-side file access outside of a virtual-servers document root....etc.etc.. There is much that can be written here. Is it design issues, or codeing errors that are of interest? One of the advantages of PHP now being shipped with most distros is that the number of eyes looking at it (especially the commercial eyes), the more likely any problems will be found. This wasn't the case with the older PHP's that were a bit of a niche/hacker market. > -sdg- --- Russell McOrmond, Internet Consultant: <http://www.flora.ca/> Any 'hardware assist' for communications, whether it be eye-glasses, VCR's, or personal computers, must be under the control of the citizen and not a third party. -- http://www.flora.ca/russell/ -- To unsubscribe, send mail to [EMAIL PROTECTED] with the body "unsubscribe ilug-cal" and an empty subject line. FAQ: http://www.ilug-cal.org/node.php?id=3
