David Zülke writes: > I don't care about the thousands of idiots out there who are too > dumb to avoid security leaks.
You don't have to be very dumb to create a whopping big security hole. It should be *hard* to create a security lapse which causes hostile code to run on your server. 'include' makes it trivial. > The discussion is stupid, and it did nothing but waste helluva lot > of bandwidth. Actually ... this discussion established firmly that PHP's insecurity is designed-in as a _feature_. Anybody reading the archives will understand that PHP and security will forever be strangers to each other. Sorry, Rasmus, for calling a spade a spade, but it needs to be said even if you don't like it. -- --My blog is at blog.russnelson.com | If you want to find Crynwr sells support for free software | PGPok | injustice in economic 521 Pleasant Valley Rd. | +1 315-323-1241 | affairs, look for the Potsdam, NY 13676-3213 | | hand of a legislator. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
