Hardened PHP, anyone?
Evan Leibovitch
evan at telly.org
Sat Jan 13 01:41:39 UTC 2007
While PHP seems to be the language lots of people love to hate, there's
no question it runs many of the open source world's favourite applications.
One of the big knocks I've heard against PHP is that it's far to easy
too write really insecure apps. I've come across a project that hardens
PHP, through two components which address the most dangerous of
practises. One is a patch to the PHP core code, the other is an add-on
module:
http://www.hardened-php.net/suhosin.127.html
I haven't even bothered with the patch, but I've been unable to install
all the packages necessary to build the module. The makers of this
project say that Gentoo and FreeBSD alread include the components within
their distos; any chance of seeing it available within Ubuntu, even in
universe/multiverse?
- Evan
More information about the ubuntu-ca
mailing list