PHP Security From The Inside

PHP Security From The Inside
Federico Biancuzzi, 2007-02-05

Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.

Blame others, hype yourself 2007-02-08
Sebs

To fully understand the "Esser Issue" one must read the threads on php-internals (avail via www) and then understands why the word traitor came up. Not a too bad description for that guy.
Pointing fingers is easy always; doesnt have any OS Project a kind of Esser ?
...

[ more ]