[Freedombox-discuss] PHP Alternatives?
On Sun, 2012-07-15 at 12:37 +0200, Jonas Smedegaard wrote:
> Correct, Diaspora is written in Rails, which unfortunately is
> similarly
> worrisome as PHP: even if (arguably) the underlying Ruby language has
> saner coding style and community habits, Ruby on Rails tend to focus
> on
> rapidly mashing things together rather than caring about security.
I work in a programming languages research group, and while I'm not on
any of the teams that work on Ruby, I do know that my advisors and
colleagues hold Ruby on Rails in much higher esteem than they do PHP.
While they wouldn't have a job if there weren't language-level problems
in the Rails framework that they could fix (and sometimes,
security-related problems), it is *much* better than PHP.
Rapidly mashing things together isn't inherently bad; a good language
and environment should generally keep you from doing bad things.
Further, I'm not convinced that spending lots of time dutifully stroking
one's beard and "caring about security" is actually correlated with less
security bugs, compared to having decent separation of concerns and
seeing security as more of a framework property than an application
property.
--
Sent from Ubuntu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120716/5e76f2c9/attachment.pgp>
Reply to: