mailing list archives
RE: How secure is PHP ?
From: Sandeep Sengupta <sandeep.sengupta () gmail com>
Date: Mon, 1 Nov 2004 19:13:14 +0530
1) All BUGS on PHP are listed here. So you can have good idea of the bug-stat.
Total bug entries in system: 30352
Closed: 17087 Open: 1267 Critical: 4
Some more resources ---
On the Security of PHP, Part 1 - Jordan Dimov
PHP Security Mistakes - Dave Clark
The security of the application depends mostly on 'how you code',
which I believe you already know. I hope the above links will be of
some help. Good luck :-)
From: Nayana Somaratna [mailto:npsomaratna () gmail com]
Sent: Tue 02/11/2004 00:45
To: full-disclosure () lists netsys com
Subject: [Full-Disclosure] How secure is PHP ?
I've been tasked with creating a learning management system for my
University. Given that we're only handling a few handred students, I'd
typically want to create it using linux/apache/mysql/php.
However, when browsing the web, I found an article which said that "it
requires an expert to lockdown php" (Sorry, but I can't quite recall
While I am not a novice, I am defintely not an expert either -
expecially on security issues.
So, I'd like to ask the members of this list - how difficult is it to
secure php ? Do you really need a security "expert" to do this ?
P.S. The few hundred students mentioned above are IT students ;-)
Full-Disclosure - We believe in it.
Re: How secure is PHP ? Adam Jacob Muller (Nov 03)
Re: How secure is PHP ? Morgan Reed (Nov 03)
RE: How secure is PHP ? Sandeep Sengupta (Nov 01)
Re: How secure is PHP ? J b (Nov 05)
- Re: How secure is PHP ?, (continued)