Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

To: debian-user@lists.debian.org
Subject: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
From: Reco <recoverym4n@gmail.com>
Date: Tue, 24 Dec 2013 20:53:02 +0400
Message-id: <[🔎] 20131224205302.e21c31c32b49c38f62c6660b@gmail.com>
In-reply-to: <[🔎] CAD4guxMoBJkjnQsNRr1STtm6c2wEN+OVWT1E6wzUZ2MnSeVf1A@mail.gmail.com>
References: <[🔎] CAKkTUv2hUccoNBJ-UX1E=aqkdT9JSoVddG9mcVxgxQjE3qCzFQ@mail.gmail.com> <[🔎] 52B87600.2030007@nuagelibre.org> <[🔎] CAD4guxPGvPMp52sgQASdr6K8-TG77jksTSrh48-Q9BZBXhNHDA@mail.gmail.com> <[🔎] 20131224115409.10889818aead08a56e8f34e7@gmail.com> <[🔎] CAD4guxNbOBgFqXPofcJHg0W9Swfv4r_7hGJN-iTxr-FLJu-eyQ@mail.gmail.com> <[🔎] 52B948F5.7030204@paulscrap.com> <[🔎] CAD4guxPuro2-6deZG26P+s6dDDUzB4NhQnrCLjzjGoZFo_1PDw@mail.gmail.com> <[🔎] 20131224133752.9a8f118c07350cc0bf75659b@gmail.com> <[🔎] 52B95C3E.8040202@paulscrap.com> <[🔎] CAD4guxMFWHUu926650Woni_pkc=-f=fxO_HvzC871fbkkp59PQ@mail.gmail.com> <[🔎] 20131224175426.7426a5ed6300ba2d466978f4@gmail.com> <[🔎] CAD4guxP1oaZVw=c3sYHKD2mcg5a-43QbGPaLGEbd0frUQzxChA@mail.gmail.com> <[🔎] 20131224190900.f08ecb0d202f926c6cff6579@gmail.com> <[🔎] CAD4guxMdt_Yy+0jGqEyqSFBM75vNAH9Hv57sBWQ+rQtnxF5gww@mail.gmail.com> <[🔎] 20131224195129.5915314b62da61e82506c9e5@gmail.com> <[🔎] CAD4guxMoBJkjnQsNRr1STtm6c2wEN+OVWT1E6wzUZ2MnSeVf1A@mail.gmail.com>

On Tue, 24 Dec 2013 17:08:48 +0100
Raffaele Morelli <raffaele.morelli@gmail.com> wrote:

> 2013/12/24 Reco <recoverym4n@gmail.com>
> 
> >
> >
> > > > That's one way of doin' it. Now, to rely on poorly-implemented
> > > > 'security' features of PHP - that's something really not worth doing.
> > >
> > >
> > > That's absolutely you point of view, a wise and skilled developer does
> > > everything safe, a poor minded simply does not.
> >
> > Sadly, 'wise and skilled' label cannot be applied to a majority of
> > developers writing something in PHP. Or any Web developer for that
> > matter. Of course, you might be an exception.
> >
> 
> IMHO your claim is a little bit conceited, it sounds like a self-styled web
> developer "guru" talking to his ego.

Have I offended you somehow? Why this personal attack?

Still, the only thing that I know about PHP is one should stay clear of
it unless necessary. And even in the last case, one should avoid using
PHP for any purpose.

This opinion comes from:

http://www.debian.org/security/
http://seclists.org/bugtraq/
http://seclists.org/fulldisclosure/

And last, but not least:

http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/

PS I'm not a developer. I'm that guy they call to clean up the mess
that developers wrote.

Reco

Reply to:

Follow-Ups:
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>

References:
- Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Lukasz Szybalski <szybalski@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Gilles Mocellin <gilles.mocellin@nuagelibre.org>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: PaulNM <debian@paulscrap.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: PaulNM <debian@paulscrap.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>

Prev by Date: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Next by Date: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Previous by thread: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Next by thread: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Index(es):
- Date
- Thread