2007-02-05
Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.
Blame others, hype yourself
2007-02-08
Sebs (2 replies)
Re: Blame others, hype yourself
2007-02-08
Anonymous (1 replies)
This is highly irresponsible
2007-02-20
Paul Hickman (2 replies)
Re: This is highly irresponsible
2007-02-20
John Carmichael (1 replies)

Are you really that ignorant to believe that not every single fixed security hole in the PHP CVS is immediately triggering some script kiddy that watches the CVS mailing list?
By disclosing the security holes the public at least knows about them.