mailing list archives
Re: Securing PHP or finding PHP alternatives
From: SkyFlash <webmaster () hackquest de>
Date: Tue, 11 Jul 2006 09:54:59 +0200
2.) From a security standpoint what is a better, open-source replacement
Ruby, Python, Java, C#, all of which are type safe, and therefore much
more secure. All have open source implementations, including C#
Being type safe does not mean you can't screw up when validating user
input. Also, PHP can be type safe, if you choose to use it that way.
None of these languages will fix badly written code for you, so they
aren't more safe. You don't need to secure the specific programming
language, you need to secure your own lazy ass producing bad code. Also,
there is no better, open source replacement for PHP.
I got a good suggestion for you guys... if you don't write any code, it
will be PERFECTLY SAFE! How does that sound to management?
If you write code, it will have bugs, and it will have security holes,
so live with it. No matter how many graphs you draw and talk about it...
in the end, it will still have bugs, and you won't be able to quantify them.