On 10/10/07, Daniel Lawson <daniel(a)meta.net.nz> wrote:
If Linux is "what your distro ships with", then you should cut it some slack, because last I checked distros didn't ship with broken (exploitable) PHP code on a public facing webserver.
Yes and this is part of the flaw if PHP code is constantly being exploited doesn't it mean that the language has an issue??
PHP != Linux. PHP also runs on windows. PHP also isn't the only language you can write exploitable code in.
I'll comment on this part mostly as I agree with the rest of what you're saying/or don't want to drag it all out. The original article talked about Linux systems, not Linux so PHP is a concern if running on Linux. Agree with what you're saying that PHP is cross platform tool - see today's news for example: http://www.news.com/8301-13580_3-9793871-39.html?part=rss&subj=news&tag=2547-1_3-0-20
Distributions can't protect against administrative stupidity.
Yes - and that was my main point really (and Lindsay's). Don't assume just because you run Linux, that you can't be hacked. -- Web1: http://wand.net.nz/~iam4/ Web2: http://www.jandi.co.nz Blog: http://iansblog.jandi.co.nz