[nycphp-talk] security? we don't need no stinkin security!
John Lacey
jlacey at att.net
Tue Dec 2 12:59:16 EST 2003
Chris Shiflett wrote:
> --- Daniel Convissor <danielc at analysisandsolutions.com> wrote:
>
>>phpBB search.php SQL Injection Vulnerability
>>http://www.securityfocus.com/bid/9122
>>[Gee, you'd think that after already having so many vulnerabilities
>>they would have gone through and fixed all their problems. Guess
>>not.]
>
>
> Yeah, someone really needs to write a forum in PHP that doesn't suck.
> While they're at it, a CMS that doesn't suck would be nice, too. It's a
> shame that there are Perl applications that fit these needs but no decent
> PHP representation.
>
and speaking of that, BB's CMS's and the like have very
well-defined things that they "need to do"... wouldn't it be
nice if well-designed secure components (pcom?) were
available that one could go to the 'lego box' and pull out
what you need to put it together...
More information about the talk
mailing list