Full Disclosure mailing list archives
Re: How secure is PHP ?
From: ph0enix <ph0enix () layertwo net>
Date: Mon, 01 Nov 2004 14:17:26 +0100
Hi Nayana,no, you don't need a security expert to secure your php scripts. But you also don't need to be a security expert to exploit php issues... =)
Have a look at this: http://www.hardened-php.net/ HTH Nayana Somaratna wrote:
Hi everyone, I've been tasked with creating a learning management system for my University. Given that we're only handling a few handred students, I'd typically want to create it using linux/apache/mysql/php. However, when browsing the web, I found an article which said that "it requires an expert to lockdown php" (Sorry, but I can't quite recall the URL). While I am not a novice, I am defintely not an expert either - expecially on security issues. So, I'd like to ask the members of this list - how difficult is it to secure php ? Do you really need a security "expert" to do this ? P.S. The few hundred students mentioned above are IT students ;-) Thanks, - Nayana _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How secure is PHP ? Nayana Somaratna (Nov 01)
- Re: How secure is PHP ? ph0enix (Nov 01)
- Re: How secure is PHP ? Gary E. Miller (Nov 01)
- Re: How secure is PHP ? Dan Margolis (Nov 02)
- Re: How secure is PHP ? Gary E. Miller (Nov 02)
- Re: How secure is PHP ? Ron DuFresne (Nov 04)
- Re: How secure is PHP ? Stefan Esser (Nov 04)
- Re: How secure is PHP ? Ron DuFresne (Nov 22)
- Re: How secure is PHP ? Gary E. Miller (Nov 04)
- Re: How secure is PHP ? Dan Margolis (Nov 02)
- Re: How secure is PHP ? Dan Margolis (Nov 11)