[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

On 08/12/2013 07:45 PM, coderaptor wrote:
Just because you have an opinion does not make it more right than
others. PHP sucks with 1300 functions (what programming language
requires 1300 functions? The one that is designed poorly),

Or, one which has a very rich featureset which doesn't require folks to reinvent the wheel every time they want to read in a bitmap.

That said, PHP sucks for other reasons, most notably the inability to force variable predeclaration (ie perl's "use strict")*, but I wanted to specifically address your criticism of a language having "too many functions".

* Assuming this is still true. It was back in 2008 when I quit my web job and went back into firmware, and I haven't been doing much with PHP since, instead focusing on C and D on ARM and PPC, so this may have been remedied.

that's a
fact. And you aren't helping it suck less. I may be clueless about how
the apache + php glue and php work, but I am now very sure that I
won't use PHP. And will probably stick with my OpenBSD implementation
of chrooted apache - apache is fit to be in a jail.

I don't see why you need to demonstrate that PHP sucks to justify this position. Compartmentalization is generally a good idea - feel free to practice more of it, as long as you can live with the limitations of doing so. There are also lightweight kernel-level virtualization approaches (linux containers (lxc), Solaris containers, and BSD jails (not to be confused with chroot jails)), which provide even better segregation than a mere chroot.

Matthew Caron, Software Build Engineer
Sixnet, a Red Lion business | www.sixnet.com
+1 (518) 877-5173 x138 office