By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,652 Members | 1,182 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,652 IT Pros & Developers. It's quick & easy.

[PHP5] Will be security be enforced ?

P: n/a
I don't think Php, setting safe_mode and register globals did a serious job
on 4.1.x versions and above.

Actually I would like to see that crapy problems beeing solved on Php5 but
it seems nobody is thinking of it...

Any idea ?

Julien
Jul 17 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
Julien Buratto escribió:
I don't think Php, setting safe_mode and register globals did a serious job
on 4.1.x versions and above.

Actually I would like to see that crapy problems beeing solved on Php5 but
it seems nobody is thinking of it...

Any idea ?

Julien


What do you understand by crapy problems?

Regards,

knocte

Jul 17 '05 #2

P: n/a
> What do you understand by crapy problems?

With 'crapy problems' I mean something like inability to let my script
create files on the userspace in a webhosting environment to let a script
work
without create the file/modify permission via php_ftp functions ...
All this happens when you do install php with the default options...

Julien
Jul 17 '05 #3

P: n/a
With total disregard for any kind of safety measures "Julien
Buratto" <ju***************@linkas.it> leapt forth and uttered:
What do you understand by crapy problems?


With 'crapy problems' I mean something like inability to let my
script create files on the userspace in a webhosting environment
to let a script work
without create the file/modify permission via php_ftp functions
... All this happens when you do install php with the default
options...

Julien


This has nothing to do with PHP. It is a restriction imposed by
*nix filesystem permissions.

As with every programming language, the burden of writing secure
code lies ultimatly with the developer. The vast majority of PHP
script security issues are the result of ignorance on the part of
the author. As you have unfortunatly proved with the rather large
misconception you just put forward.

--
There is no signature.....
Jul 17 '05 #4

P: n/a
> >> What do you understand by crapy problems?

With 'crapy problems' I mean something like inability to let my
script create files on the userspace in a webhosting environment
to let a script work
without create the file/modify permission via php_ftp functions
... All this happens when you do install php with the default
options...

Julien


This has nothing to do with PHP. It is a restriction imposed by
*nix filesystem permissions.

As with every programming language, the burden of writing secure
code lies ultimatly with the developer. The vast majority of PHP
script security issues are the result of ignorance on the part of
the author. As you have unfortunatly proved with the rather large
misconception you just put forward.


Well this depens only in the experience taken with jsp in wich so many
security problems are
solved on the underlying level because the filosophy is that the programmer
should be much more involved
in real programming than in being aware not to introduce security holes.
Infact, what I would like to understand if other devlopers do feel the same
'security loneliness' as I do.

Julien
Jul 17 '05 #5

P: n/a
On Tue, 06 Jan 2004 10:27:45 GMT, "Julien Buratto"
<ju***************@linkas.it> wrote:
What do you understand by crapy problems?


With 'crapy problems' I mean something like inability to let my script
create files on the userspace in a webhosting environment to let a script
work
without create the file/modify permission via php_ftp functions ...
All this happens when you do install php with the default options...


As has been said already, this is unix file permission issue. If you
give a directory the appropriate permissions you will be able to write
to it.

Safe_mode is for paranoid hosts. And register globals (off) simply
removes a particularily bad feature of early versions of PHP.

Other than that, the security concerns of PHP are no different from
any other web development platform.

Jul 17 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.