At 04:48 27/07/2001, Peter Petermann wrote:
>well, i think you misunderstood me.
>we are not talking of a brakeless car, and we are not talking
>about a language who is not able to be used secure.
>we are talking about something that has the abilities to be secure,
>we just need to teach the people how,
>the same as people need to learn how to drive,
>without they can start the engine, and dont know how to brake,
>but the brakes are there!
We are talking about a brakeless car here. It's not impossible to drive a
brakeless car. If you're aware of it, you can probably drive around
reasonably, if you pay close attention all the time, and drive slow
enough. You may be proficient enough to use the parking-brakes instead
too. But it's much less secure by definition. register_globals=off means
significantly increased probability for security trouble. It's as simple
as that.
>i have read the advisory, but i cant agree that "register_globals=on" is
>the problem
>the user, who cant deal with that is the problem
>
>php is a language,
>if people dont secure there applications,
>they are wrong, not php is.
That's where I, Kristian, the advisory and others disagree. If a random
PHP app you'd pick, even one written by a good coder that is written in a
modular and clean way, is likely to have bugs related to this feature, than
it means the feature is at fault. In a perfect world, people would be able
to work alongside that feature to write secure apps, as it is possible, but
it's *DIFFICULT*, and it's non intuitive. Thus, in the average case, it
would lead to security bugs. Thus, it's flawed and should be changed.
>if i give machines to you, allowing you to build cars
>secure ones, and insecure ones (those without brakes ;)
>and you build a insecure one, thats not my fault.
That's not the case here. Peter, we're not talking about liability
concerns. It's not as if we're afraid one of those users would sue us
because we provided him with an insecure language. It's about the
perception of PHP. If you think that PHP is going to retain a reputation
of a good language, when every 2nd PHP application out there ends up having
security problems, and when advisories repeatedly find flaws which they, as
well as a large number of PHP developers believe to be related to PHP's
behavior, you're wrong. This hurts PHP big time.
>but if i want to help you, i wouldnt turn of one of the
>switches you use, and hope you dont use another one for the same,
>i would teach you how to build the secure cars,
>how to do crashtests etc.
That's exactly like providing one with a brakeless car, and investing a
huge amount of resources on teaching him how to drive slower and using the
parking brakes to achieve equivalent safety. It works, but it's wrong.
Zeev
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]