Thursday, 8 February 2007

Overview of PHP Security from Inside

Cal Evans in a post over the Devzone gives an overview of Federico Biancuzzi’s article where he interviews Stefan Esser on PHP Security. He says the list of topics they discuss is wide ranging.

He gives the instance when Stefan discusses the up coming ‘Month of PHP Bugs’. He has an interesting comment where he says that Remote File Inclusions, vulnerabilities due to register_globals or other problems within the PHP engine are fully to blame on the PHP language.

Cal says that there is no question in anyone’s mind that security in the PHP core is important. There is an ongoing debate however as to how it should be dealt with. In this article, Stefan makes his side known.

Further speaking of the ‘Month of PHP bugs’ that are slated for March. Stefan will release a new security bug each day, he informs.