At 04:48 27/07/2001, Peter Petermann wrote:
>well, i think you misunderstood me.
>we are not talking of a brakeless car, and we are not talking
>about a language who is not able to be used secure.
>we are talking about something that has the abilities to be secure,
>we just need to teach the people how,
>the same as people need to learn how to drive,
>without they can start the engine, and dont know how to brake,
>but the brakes are there!

We are talking about a brakeless car here.  It's not impossible to drive a 
brakeless car.  If you're aware of it, you can probably drive around 
reasonably, if you pay close attention all the time, and drive slow 
enough.  You may be proficient enough to use the parking-brakes instead 
too.  But it's much less secure by definition.  register_globals=off means 
significantly increased probability for security trouble.  It's as simple 
as that.

>i have read the advisory, but i cant agree that "register_globals=on" is 
>the problem
>the user, who cant deal with that is the problem
>
>php is a language,
>if people dont secure there applications,
>they are wrong, not php is.

That's where I, Kristian, the advisory and others disagree.  If a random 
PHP app you'd pick, even one written by a good coder that is written in a 
modular and clean way, is likely to have bugs related to this feature, than 
it means the feature is at fault.  In a perfect world, people would be able 
to work alongside that feature to write secure apps, as it is possible, but 
it's *DIFFICULT*, and it's non intuitive.  Thus, in the average case, it 
would lead to security bugs.  Thus, it's flawed and should be changed.

>if i give machines to you, allowing you to build cars
>secure ones, and insecure ones (those without brakes ;)
>and you build a insecure one, thats not my fault.

That's not the case here.  Peter, we're not talking about liability 
concerns.  It's not as if we're afraid one of those users would sue us 
because we provided him with an insecure language.  It's about the 
perception of PHP.  If you think that PHP is going to retain a reputation 
of a good language, when every 2nd PHP application out there ends up having 
security problems, and when advisories repeatedly find flaws which they, as 
well as a large number of PHP developers believe to be related to PHP's 
behavior, you're wrong.  This hurts PHP big time.

>but if i want to help you, i wouldnt turn of one of the
>switches you use, and hope you dont use another one for the same,
>i would teach you how to build the secure cars,
>how to do crashtests etc.

That's exactly like providing one with a brakeless car, and investing a 
huge amount of resources on teaching him how to drive slower and using the 
parking brakes to achieve equivalent safety.  It works, but it's wrong.

Zeev


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to