Re: is PHP less secure than Perl, Python, or Ruby?
- From: Jerry Stuckle <jstucklex@xxxxxxxxxxxxx>
- Date: Tue, 27 Feb 2007 11:25:04 -0500
walterbyrd wrote:
I honestly don't know. But, I have seen articles and posts about how
PHP is terribly insecure. I don't usually see comparisons to other
common web languages.
I think the big vulnerablity is supposed to be code injections.
Another security issue would be having code stolen, but I think that
PHP can be protected from that.
Obviously, I don't know a lot about it.
Walter,
As Mike says, it's only as secure as you write it. To elaborate a little more:
Security is not really a language issue - any language can be insecure, even a compiled one such as C/C++. And any language can be secure.
All scripting languages tend to be less secure only because the source code is there to see. Anyone with physical access to the server physically or through non-web routes such as telnet/ssh or ftp can get that source code (this includes hosting companies). Sure, they can get a compiled code also - but that takes a lot more work to figure out what's going on.
The only "secret" to security is the same in all languages. Understand the language. Understand the vulnerabilities (such as SQL injection - a potential problem in ANY language when you're using a SQL database). And understand how to secure your code against those vulnerabilities.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================
.
- References:
- is PHP less secure than Perl, Python, or Ruby?
- From: walterbyrd
- is PHP less secure than Perl, Python, or Ruby?
- Prev by Date: Re: is PHP less secure than Perl, Python, or Ruby?
- Next by Date: Re: Trouble passing mysql table name to php function and using it!
- Previous by thread: Re: is PHP less secure than Perl, Python, or Ruby?
- Next by thread: Re: is PHP less secure than Perl, Python, or Ruby?
- Index(es):
Relevant Pages
|
