PHP - security etc
Adrian Howard
adrianh at quietstars.com
Wed Mar 7 14:08:16 GMT 2007
On 7 Mar 2007, at 13:54, Andy Armstrong wrote:
[snip]
> Thirdly the PHP team have historically had a rather cavalier
> attitude to security. They've implemented a number of mechanisms
> (register globals, URL wrappers for fopen et al, etc) that have
> favoured ease of use over security.
[snip]
And while modern PHPs do the "right thing" (e.g. switch off
register_globals by default), there are still a lot of people whose
first step is to switch it back on again :-)
Adrian
More information about the london.pm
mailing list