Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^2: perl vs. php

by emazep (Priest)
on Nov 17, 2005 at 00:53 UTC ( #509255=note: print w/replies, xml ) Need Help??


in reply to Re: perl vs. php
in thread perl vs. php

Neither. It's an irrelevant question. Programs are secure or not. You can write secure programs in any language (and it's difficult in all of them), and you can write insecure programs in any language (and that's surprisingly easy).
That's not completely true (at least in this case.)
Contrary to Perl, PHP doesn't have a taint mode, which is a deficiency of the language.
Granted, you can still write secure programs without using the taint mode, but it can be much harder to detect the vulnerabilities of your code.

Ciao,
Emanuele.

Replies are listed 'Best First'.
Re^3: perl vs. php
by Perl Mouse (Chaplain) on Nov 17, 2005 at 10:06 UTC
    It's still very easy to write insecure programs that have tainting enabled. The fact that Perl has a tainting option doesn't make Perl secure. It just gives the programmer one more piece of rope (either to hang himself, or to use well).
    Perl --((8:>*

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://509255]
help
Chatterbox?
[LanX]: Donald Trump's first UK post-election interview
erix is not interested what the imbecile-in-chief has to say -- only what he will do
[GotToBTru]: that sounds fair to me
[davies]: I've just "approved" using syscalls in perl through inline c for at least the third time, but it still appears to me as unapproved. Is this just me?
[LanX]: erix: other side of the pond
[LanX]: davies: same problem

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (16)
As of 2017-01-16 15:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you watch meteor showers?




    Results (151 votes). Check out past polls.