PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (08.27.2024)

Community News: Latest PECL Releases (08.20.2024)

Community News: Latest PECL Releases (08.13.2024)

Community News: Latest PECL Releases (08.06.2024)

Community News: Latest PECL Releases (07.30.2024)

Community News: Latest PECL Releases (07.23.2024)

Community News: Latest PECL Releases (07.16.2024)

Community News: Latest PECL Releases (07.09.2024)

Community News: Latest PECL Releases (07.02.2024)

Community News: Latest PECL Releases (06.25.2024)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SecurityFocus.com:
PHP Security From The Inside (Interview with Stefan Esser)

byChris Cornutt Feb 07, 2007 @ 17:36:00

Over on the SecurityFocus website, there's an interview posted with Stefan Esser of the Hardened-PHP Project (as interviewed by Federico Biancuzzi.

Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.

Some of the topics discussed include

the Hardened-PHP Project
Suhosin
the PHP Security Response Team (his role in it and why he left)
PHP5's security focus versus PHP4's
and more...

Check out the full interview to have all of your questions answered.