Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Securing PHP or finding PHP alternatives
From: SkyFlash <webmaster () hackquest de>
Date: Tue, 11 Jul 2006 09:54:59 +0200

2.) From a security standpoint what is a better, open-source replacement
to PHP?

Ruby, Python, Java, C#, all of which are type safe, and therefore much
more secure. All have open source implementations, including C#


Being type safe does not mean you can't screw up when validating user input. Also, PHP can be type safe, if you choose to use it that way.

None of these languages will fix badly written code for you, so they aren't more safe. You don't need to secure the specific programming language, you need to secure your own lazy ass producing bad code. Also, there is no better, open source replacement for PHP.

I got a good suggestion for you guys... if you don't write any code, it will be PERFECTLY SAFE! How does that sound to management?

If you write code, it will have bugs, and it will have security holes, so live with it. No matter how many graphs you draw and talk about it... in the end, it will still have bugs, and you won't be able to quantify them.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]