Yet Another PHP Security Hole

Posted by Eric Mon, 22 Jul 2002 00:00:00 GMT

A new security problem has been discovered in PHP 4.2.x. This is not the first major hole in PHP, and it probably won't be the last.

Even if your PHP runtime is secure, it's really hard to write secure PHP scripts. There's so many things that can go wrong--malicious users setting "internal" global variables, SQL injection attacks, ".inc" files containing passwords, and a whole host of other all-to-common bugs.

Just say no.

Tags

Comments are disabled