[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: wheezy still missing php5-suhosin

On Thu, Apr 11, 2013 at 09:11:27AM +0100, Joe wrote:
> turn it off if so configured. Later and later versions of PHP have
> become much stricter in many ways, and have offered features like
> Perl's optional variable discipline, so many of the Suhosin features are

What does "optional variable discipline" mean?

> It's not so much that PHP itself is a problem, but that PHP software
> on public web servers is completely exposed to any and every kind of
> attack, and that programmers need to be extremely disciplined to write
> secure code. You can assist with this kind of discipline in writing a
> programming language, but you can't enforce it.

I think that would be the case whether the code was perl also, but I've
only heard bad things about PHP and good things about Perl.

Does PHP (without any additions) have an equivalent of perl's "use

"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing." --- Malcolm X

Reply to: