[Dovecot] Webmail Recommendation
Emiliano Gabrielli (aka AlberT)
dovecot at superalbert.it
Fri Jan 11 11:28:42 EET 2008
On giovedì 10 gennaio 2008, Peter Eriksson wrote:
> All the suggested ones have just one big FAT problem - they are all
> written in that security bug ridden language that the hackers just love
> to exploit - PHP. Running a web application available to the whole wide
> internet written in PHP is just asking for someone to break into your
> systems.
Oh my god! Never heard nothing more ... bah .. no words!
Not to flame, but please permit me to just point out some ideas:
- PHP is one of the many scripting languages
- PHP is oriented to web development (but not only)
- PHP (and PHP4 in particular) had is huge success thanks to its simplicity
and the lackness of strict type check and so on...
The last point is the glory and the pain of the language, as this makes
unskylled people to rapidly develop in PHP *working* software...
yes, I said "working" software, that is not a good written, projected,
hardened software!! Squirrelmail itself is (at least before the OOP
recoding) very very poorly written...
Finally, the simple and unconfutable fact that a wide number of web server are
exploited thanks to bad PHP script in *not* and intrinsic hole in the
language, the are simple very very bad coded script/apps!!!
I can assure that writeing a secure PHP application is not a nightmare, is
simply coding in a professional way.
The simple fact of using (using in a professional way, not just installing and
coding !!!) a good Framework and ORM can already make the application SQL
Injection free, more secure, portable and so on ...
My 2 cents
--
<?php echo ' Emiliano Gabrielli (aka AlberT) ',"\n",
' GrUSP founder - ZCE ',"\n",
' AlberT_at_SuperAlberT_it - www.SuperAlberT.it ',"\n",
' IRC: #php,#AES azzurra.com ',"\n",'ICQ: 158591185'; ?>
More information about the dovecot
mailing list