On the Professional PHP Blog today, there's this new post quickly talking about web application security.

It looks there is a Mambo worm out now. I read Hackers Hitting Popular Apps a couple of weeks ago and it mentioned that hackers are targeting PHP apps among other things. Dog bites man for some.

I've advocated better web application installation for a while, but as a usability issue. Increasingly, it is also a security issue. Just another example of why I think the PEAR installer is important. (and why I hope Zend PHP Framework is released on a PEAR channel.)

Most web app software, PHP or otherwise, hasn't exactly been known for it's great installation processes. Sure, there are a few that shine (i.e. Wordpress), but overall, it's a lot of hacking around and command-line tricks to get everything working. Maybe with the advent of the PEAR installer, things will change - it has the potential to expand to so much more than just PEAR...