On the Professional PHP Blog today, there's this new post quickly talking about web application security.
I've advocated better web application installation for a while, but as a usability issue. Increasingly, it is also a security issue. Just another example of why I think the PEAR installer is important. (and why I hope Zend PHP Framework is released on a PEAR channel.)
It looks there is a Mambo worm out now. I read Hackers Hitting Popular Apps a couple of weeks ago and it mentioned that hackers are targeting PHP apps among other things. Dog bites man for some.
Most web app software, PHP or otherwise, hasn't exactly been known for it's great installation processes. Sure, there are a few that shine (i.e. Wordpress), but overall, it's a lot of hacking around and command-line tricks to get everything working. Maybe with the advent of the PEAR installer, things will change - it has the potential to expand to so much more than just PEAR...