Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- Date: Sat, 07 Jun 2008 17:22:12 +0900
- From: Brian Chandler <brian@example.com>
- Subject: Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- References: <78d7dd350806042138r226b625do6f30eb68cc80e732@mail.gmail.com> <b4d277190806042240l1b0d2cadme275cf77dccdd79a@mail.gmail.com> <78d7dd350806042336j65d47ec9n382205fe5f566e13@mail.gmail.com> <b4d277190806050054w49fffad4v1b12acb8a22ad7d0@mail.gmail.com> <78d7dd350806050128l292de4e5he926d9beb7c27024@mail.gmail.com> <b4d277190806050210m250751aav4e5436e89c9e6957@mail.gmail.com> <78d7dd350806050247y329c4b36wf7442d932723a0d5@mail.gmail.com> <87hcc7akzv.fsf@uwakimon.sk.tsukuba.ac.jp> <78d7dd350806051948n30ff70d2t5d94f32b8bf7221@mail.gmail.com> <87mylyksj1.fsf@uwakimon.sk.tsukuba.ac.jp>
- User-agent: Thunderbird 1.5.0.5 (X11/20060728)
Stephen J. Turnbull wrote:
Hung Nguyen Vu writes:
> I still don't understand whyPHP doesn't check the input more carefully.
Because the generic case is hard to do, and PHP is not about doing hard things, it's about making tedious things convenient. It leaves the hard things up to the programmer, who usually knows enough about the input that he can do a few simple checks and be reasonably safe.
But I don't really see what criticism there could be here of PHP as such. PHP provides a function to include a file and run it through the php interpreter - what more or less could it do? The problem is surely one of sloppy programming. AAMOF, I think that most of the publicised problems hereabouts come from generic applications abusing very general mechanisms.
I don't understand quite what input the OP thinks PHP should check, either.
Brian Chandler http://imaginatorium.org
- Follow-Ups:
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Stephen J. Turnbull
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- References:
- [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Hung Nguyen Vu
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Edmund Edgar
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Hung Nguyen Vu
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Edmund Edgar
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Hung Nguyen Vu
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Edmund Edgar
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Hung Nguyen Vu
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Stephen J. Turnbull
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Hung Nguyen Vu
- Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- From: Stephen J. Turnbull
- [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- Prev by Date: [tlug] State of "Linux" documentation [was: Books]
- Next by Date: Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- Previous by thread: Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- Next by thread: Re: [tlug] Clamav reports a virus: Exploit.Gif.PHPembedded
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |