SLUG Mailing List Archives
- To: "SLUG" <slug@xxxxxxxxxxx>
- Subject: [SLUG] CGI
- From: "Peter Faulks" <pfaulks@xxxxxxxxxx>
- Date: Fri Jul 14 14:23:12 2000
- Reply-to: "Peter Faulks" <pfaulks@xxxxxxxxxx>
I've been offered a job to write a CGI programme.
The client's ISP has a company policy against the use of PHP.
Are there known security issues with PHP?
Also, are there any security issues with fast cgi (Apache/mysql)?
I had a quick look at the source, it seems to me there are a few
places where buffer overrun could be induced, but I haven't really
had a good look yet.
I like the concept of fast cgi, ie no database connect/disconnect
every time a cgi request comes in, but I hear fast cgi hasn't really
taken off.. Comments?
'The day Microsoft makes something that doesn't suck is the day
they start making vacuum cleaners.'