[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tomahwk + PHP source of www.linux.org.il



Hi,

On Sun, 23 Aug 1998, Shlomi Fish wrote:

> Shachar is now made responsible for an ad-hoc mailing-list and stuff.
> Please do not bug him.

Feel free to bug me. Though, I didn't quite understand the message you
sent me privately as though you wanted me to open a list.

> BTW, the site is pre-rendered with PHP. When it is on the site, it's raw
> HTML pages. In fact I still use a makefile to generate everything.
> 
> PHP is considered a security breach, so I couldn't use it as a server-side
> scripting language. (i.e: something ala the (in)-famous Active Server
> Pages or ASP), but much better any way you look at it. I use it as what is
> known as an HTML generator.

PHP is *NOT* a security breach. After helping the two authors of PHP, Andi
Gutmans and Ze'ev Suraski, which happen to be friends of mine, with
security issues, I can assure you there aren't security holes in PHP
3.0.3. The last time we've found a security hole was 3 monthes ago.

Shachar Tal
-------------
Taub Computer Center, Technion, Israel Institute of Technology
KeyID 0481FEF1 fingerprint = 52 1B 97 6A F2 77 AE C6  64 B6 5A 5E 14 28 8E 7E