WebApp Sec mailing list archives
Re: Anyone have some basic security tips for PHP-programmers?
From: Härnhammar, Ulf <Ulf.Harnhammar.9485 () student uu se>
Date: Tue, 25 Nov 2003 16:13:54 +0100
Quoting Andreas <exon () home se>:
On a side-note: It's ofcourse never a good idea to pass user-supplied data to a program, but that doesn't necessarily involve bugs for it to be exploitable. I thought this was self-explanatory, but apparently I was wrong.
SQL Injection and Cross-site Scripting are excellent examples. Neither requires bugs in any external software. It could also be noted that lots of tasks in common computer programs in fact require passing user-supplied data to external programs, so it is often hard to avoid. -- Ulf Härnhammar, student, Uppsala universitet "Jag är en tvivelaktig figur / Duger ej mycket till" -- Cornelis Vreeswijk, "Somliga går med trasiga skor" Uggs != Cmectbb
Current thread:
- RE: Anyone have some basic security tips for PHP-programmers?, (continued)
- RE: Anyone have some basic security tips for PHP-programmers? Keifer, Trey (Nov 18)
- Re: Anyone have some basic security tips for PHP-programmers? tim (Nov 22)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 22)
- Re: Anyone have some basic security tips for PHP-programmers? Tommy Gildseth (Nov 23)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 23)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 22)
- RE: Anyone have some basic security tips for PHP-programmers? Herbold, John W. (Nov 22)
- RE: Anyone have some basic security tips for PHP-programmers? exon (Nov 24)
- RE: Anyone have some basic security tips for PHP-programmers? Herbold, John W. (Nov 24)
- RE: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 24)
- Re: Anyone have some basic security tips for PHP-programmers? Andreas (Nov 25)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 25)
- Re: Anyone have some basic security tips for PHP-programmers? Sverre H. Huseby (Nov 25)
- RE: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 24)