In article <[EMAIL PROTECTED]>,
Rasmus Lerdorf wrote:
>> But that's not the point. The point is that people who don't care about
>> security or coding style (beginners or professionals, doesn't really
>> matter) are less likely to write insecure code, because there's one
>> mistake less that they can make. As long as they stick to the defaults,
>> anyway.
>
>And one language less that these people are able to use.
I do not think that the current php users would drop the language. Maybe it
would prevent certain users to start working with it.
I'm sure that some good faqs on security issues would prevent a lot of harm.
Not only with issues on uninitialized vars (which I tend to forget too) but
problems like default passwords in a new installed application, using
extentions for libs that could are handled as plain text, etc...
I think that settings like 'allow_url_fopen' is causing much more issues
then people can imagine. A short visit to Google will bring you to a lot
of sites that are exploitable.
Regards,
Hans
--
http://phpreview.nl.linux.org
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
