[Ffmpeg-devel] Re: Advocating periodic releases

Dana Hudes dhudes
Sat Oct 7 00:01:06 CEST 2006


while it is true that daily exploits against apps in PHP are posted to 
bugtraq there are perhaps 4 or 5 fundamental exploits against PHP 
itself. That's not to say that PHP hasn't made some defaults that 
weren't the most secure choice but you had the option to override it. 
The latest in PHP does away with magic quoting entirely.
don't take my word on this check the CVE list.
Attila Kinali wrote:
> On Fri, 06 Oct 2006 12:57:04 -0700
> Mike Melanson <mike at multimedia.cx> wrote:
>
>   
>> I was wondering if you had a problem with the PHP backend interpreter or 
>> the nominal output of a PHP hacker. I guess it's the latter.
>>     
>
> I haven't read the code of the interpreter, so i cannot
> judge it. Maybe it's well written, maybe not. I simply don't
> know. But i've read a fair amount of php code, and only the
> code written by people who started first with a real programming
> language looked more or less sane... but those people leave the
> php field as soon as they can.
>
> 			Attila Kinali
>
>   





More information about the ffmpeg-devel mailing list