On Wed, 3 May 2006 01:08:50 -0700 paul dansing <[EMAIL PROTECTED]> wrote:
> php is required in order to use many of the more mature web > applications such as forum software. i run apache chroot, use > modsecurity, and use ipf to limit the www user. a tight systrace > policy might help but not very much incremental gain. everyone says > php is a security breach waiting to happen, so what else can i do if i > want to use these large apps without rewriting them from scratch in > another language? There is plenty of stuff written in better languages. Not only is PHP a horrible nightmare, but 90% of the code written in it is even worse. Are you actually looking at the code you are using, or are you just installing crap like phpBB because everyone else does? Adam
