Mailing List Archive



Re: Security Hardening . . . . . . . (was Re: [tlug] Host Blocking and Logfile Parsing)



On Sat, 20 Jan 2007, Jim wrote:

> Learn how to write safe shell scripts.
> ...
> As with shell scripts, learn how to write safe PHP code.

This is a terrible approach to security. Rather than asking people to be perfect, it's better to assume that people will err, and create systems that either make particular errors impossible, or catch them and deal with them safely when they occur.

> Sandboxing is good, but sophisticated web apps need to interact enough
> with the rest of the system that big holes in sandboxing would be needed.

Not in my experience. Most of the web applications I've seen need only to load their code, read data files and talk to a database.

Perhaps you could give me some examples of the "big holes in sandboxing"
you feel would be necessary.

cjs
--
Curt Sampson       <cjs@example.com>        +81 90 7737 2974

