Re: is PHP less secure than Perl, Python, or Ruby?
- From: Michael Fesser <netizen@xxxxxx>
- Date: Tue, 27 Feb 2007 17:34:16 +0100
..oO(walterbyrd)
I honestly don't know. But, I have seen articles and posts about how
PHP is terribly insecure. I don't usually see comparisons to other
common web languages.
You can write insecure and vulnerable code in every language.
A tool is just as good as the one who uses it.
I think the big vulnerablity is supposed to be code injections.
There are many different kinds of injections (code, SQL, mail headers,
XSS ...). Some languages may have their own ways to handle some of them
(tainted variables, prepared statements ...), in others you have to make
your hands more dirty, but you always have to take them into account in
every language used for server-side programming.
Another security issue would be having code stolen, but I think that
PHP can be protected from that.
PHP is executed on the server. If someone is able to get the code then
you have another _real_ problem.
Micha
.
- References:
- is PHP less secure than Perl, Python, or Ruby?
- From: walterbyrd
- is PHP less secure than Perl, Python, or Ruby?
- Prev by Date: Re: Trouble passing mysql table name to php function and using it!
- Next by Date: Re: is PHP less secure than Perl, Python, or Ruby?
- Previous by thread: Re: is PHP less secure than Perl, Python, or Ruby?
- Next by thread: Re: is PHP less secure than Perl, Python, or Ruby?
- Index(es):
Relevant Pages
|
