Tugger the SLUGger!SLUG Mailing List Archives


G'day Sluggers,

I've been offered a job to write a CGI programme.

The client's ISP has a company policy against the use of PHP.
Are there known security issues with PHP?

Also, are there any security issues with fast cgi (Apache/mysql)?
I had a quick look at the source, it seems to me there are a few 
places where buffer overrun could be induced, but I haven't really
had a good look yet.

I like the concept of fast cgi, ie no database connect/disconnect 
every time a cgi request comes in, but I hear fast cgi hasn't really
taken off..  Comments?


'The day Microsoft makes something that doesn't suck is the day
  they start making vacuum cleaners.'