Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:27370
Return-Path: <ilia@prohost.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 19016 invoked by uid 1010); 11 Jan 2007 17:06:32 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 18971 invoked from network); 11 Jan 2007 17:06:32 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 11 Jan 2007 17:06:32 -0000
Authentication-Results: pb1.pair.com smtp.mail=ilia@prohost.org; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=ilia@prohost.org; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain prohost.org from 64.233.166.177 cause and error)
X-PHP-List-Original-Sender: ilia@prohost.org
X-Host-Fingerprint: 64.233.166.177 py-out-1112.google.com Linux 2.4/2.6
Received: from [64.233.166.177] ([64.233.166.177:7380] helo=py-out-1112.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 5E/10-15642-E6E66A54 for <internals@lists.php.net>; Thu, 11 Jan 2007 12:05:50 -0500
Received: by py-out-1112.google.com with SMTP id a25so263669pyi
        for <internals@lists.php.net>; Thu, 11 Jan 2007 09:05:47 -0800 (PST)
Received: by 10.35.112.4 with SMTP id p4mr2892483pym.1168535147768;
        Thu, 11 Jan 2007 09:05:47 -0800 (PST)
Received: from ?192.168.1.131? ( [204.101.63.110])
        by mx.google.com with ESMTP id w29sm1020798pyg.2007.01.11.09.05.47;
        Thu, 11 Jan 2007 09:05:47 -0800 (PST)
In-Reply-To: <20070111144144.GV15998@mint.phcomp.co.uk>
References: <20070111144144.GV15998@mint.phcomp.co.uk>
Mime-Version: 1.0 (Apple Message framework v752.3)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-ID: <80C94C6E-4646-459E-B695-B072F14378F0@prohost.org>
Cc: internals@lists.php.net
Content-Transfer-Encoding: 7bit
Date: Thu, 11 Jan 2007 12:05:45 -0500
To: Alain Williams <addw@phcomp.co.uk>
X-Mailer: Apple Mail (2.752.3)
Subject: Re: [PHP-DEV] Comments on PHP security
From: ilia@prohost.org (Ilia Alshanetsky)


On 11-Jan-07, at 9:41 AM, Alain Williams wrote:

> This has just appeared:
>
> 	http://www.theregister.co.uk/2007/01/11/php_apps_security/

Of many people who use PHP not many have strong programming  
background and even fewer experience with security. The use PHP  
because it makes it easy to solve problems, especially in a web  
environment. When you consider this it is hardly surprising that many  
people write bad and/or insecure code. While PHP does try to make  
things better, and occasionally has bugs in the language core you  
need to realize that PHP is a programming language. As such if you  
really want to shoot yourself in the foot you can, just as you can do  
with C/C++/Perl/Python/etc...

Ilia Alshanetsky