[ale] Well, this does nothing for the reputation of Linux

Michael B. Trausch mbt at naunetcorp.com
Mon Jul 22 09:51:09 EDT 2013


On 07/21/2013 08:53 PM, JD wrote:
> Regardless, we all learn to rely on outside expert opinions in areas where we
> cannot become an expert.  The security experts to which I listen will not put
> php code on the internet and only allow it internally when accessed directly
> from the corporate network or over a VPN. While I have a slight interest in
> software security, none of it includes trying to make php programs better.  I'd
> prefer to make multithreaded C code safe for direct internet use - it would be
> much less painful. ;)

Agreed; having written several systems in both PHP and C, I prefer C if
the choice is available.  There's too much auto-fsck-you in PHP for me.

However, one place where I can say that PHP apps are "secure enough" is
when they're behind a Kerberos-aware Apache that is properly configured
(e.g., disallows basic auth for Kerberos and uses only negotiate).

    --- Mike

-- 
Michael B. Trausch
President, *Naunet Corporation*
(678) 287-0693 x130 or (888) 494-5810 x130
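
The setup the message describes (Kerberos via Negotiate only, with the Basic password fallback disabled), shown as an added example that is not part of the original post. It assumes Apache with mod_auth_kerb, which the post does not name; the locations, realm and keytab path are placeholders.

```apache
# Added example; assumes mod_auth_kerb. Realm, paths and keytab are placeholders.

# Weak: mod_auth_kerb enables the password fallback by default. The server
# then also offers Basic auth, so the user's Kerberos password is sent to the
# web server itself (base64 only) and checked against the KDC from there.
<Location "/app-weak">
    AuthType Kerberos
    AuthName "Kerberos Login"
    KrbAuthRealms EXAMPLE.COM
    Krb5KeyTab /etc/apache2/http.keytab
    KrbMethodNegotiate On
    KrbMethodK5Passwd On
    Require valid-user
</Location>

# Negotiate only: the client presents a service ticket for HTTP/<host>
# through SPNEGO, and no password ever reaches Apache or the PHP app.
<Location "/app">
    AuthType Kerberos
    AuthName "Kerberos Login"
    KrbAuthRealms EXAMPLE.COM
    KrbServiceName HTTP
    Krb5KeyTab /etc/apache2/http.keytab
    KrbMethodNegotiate On
    KrbMethodK5Passwd Off
    Require valid-user
</Location>
```

With the second block, a client that has no ticket receives a 401 carrying only `WWW-Authenticate: Negotiate`, with no Basic challenge to fall back to.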
