Secure Coding mailing list archives
RE: Scripting Languages and Secure Coding
From: "Tegels, Kent" <Kent.Tegels () hdrinc com>
Date: Thu, 04 Dec 2003 02:14:01 +0000
Too many people start through in programming and so are causing these
negative side effects (and that's just it) <rant> I don't feel that's unique to LAMP world, it's a serious cause of concern for me on the COM-based ASP and ASP.NET side too. It seems like the major problem for us (aside from running on Windows, let's not start that, ok?) is that we -- as in the authoring and support community -- aren't doing a good or consistent job about talking about security from the start. Its very easy and tempting to write "bad" demonstration code that becomes imprinted on the newbies as a pattern. Granted, the CLR addresses some of security issues by default, but bad design is still bad design. The easier you make it do things, the easier you make it do things "wrong." </rant> Thanks! kt [Ed. <moderate>Please do NOT turn this into a "my operating system is better than yours" thread. Let's keep to the topic of securely developing software. Discussing language/OS features is fine, but don't go down that very slipper slope, please.</moderate>]
Current thread:
- Re: Scripting Languages and Secure Coding + code, (continued)
- Re: Scripting Languages and Secure Coding + code Louis Solomon [SteelBytes] (Dec 05)
- Re: Scripting Languages and Secure Coding + code David M. Wilson (Dec 05)
- Re: Scripting Languages and Secure Coding + code Ghita Gh. Serban (Dec 05)
- Re: Scripting Languages and Secure Coding + code securecodingorg (Dec 04)
- Re: Scripting Languages and Secure Coding Jeremy Thibeaux (Dec 03)
- Re: Scripting Languages and Secure Coding Bob Toxen (Dec 04)
- Re: Scripting Languages and Secure Coding der Mouse (Dec 04)
- Re: Scripting Languages and Secure Coding Louis Solomon [SteelBytes] (Dec 05)
- Re: Scripting Languages and Secure Coding ljknews (Dec 06)
- Re: Scripting Languages and Secure Coding Bob Toxen (Dec 05)
- Re: Scripting Languages and Secure Coding Bob Toxen (Dec 04)