[Cialug] URGENT! How to list all files new/modified last 24 hours

Josh More jmore at starmind.org
Fri Oct 26 14:34:23 CDT 2012 

The problem is that we think of "security" as meaning "keep the bad
guys out", and there's a lot more to it than that.

PHP is a great language for enabling developers, just as MySQL is a
great database for the same.

I like Perl and PostgreSQL, as I find them to be a more secure pair of
technologies and they don't get in my way all that much.  A whole lot
of developers disagree.

I know people who like to do Python frameworks, some that do Ruby and
some that do ASP.NET.  The issue isn't that the language is bad, is
that's the language is used for (or evolves into) a use for which it
is no longer suited.  The migration of Cobol to the Web is a classic
example of this.

I think that PHP can be a great language for web developers, but I
also think that, in general, web developers and IT Admins do not
understand the risks of using PHP sufficiently well to protect their
systems.  This is easily solved, but it is a people problem, not a
tech problem.  Don't blame the language for the human tendency to
learn as little as necessary to make things run.

-Josh More

On Fri, Oct 26, 2012 at 2:07 PM, Paul Gray <gray at cs.uni.edu> wrote:
> On 10/26/2012 01:50 PM, jim kraai wrote:
>>
>> The fact that engaging in that criminal negligence has fed my family and
>> many others over the years is irrelevant? ;-)
>>
>> It's an awful language, to be sure, but the amateur coders who have been
>> using it incorrectly and its popularity are to blame for the security
>> problems.
>>
>
> Agreed - it's not entirely the language to blame.
>
> If it were just a language problem, then no one would be learning C/C++ and
> everyone would be coding in Ada.
>
> Although we teach Ada here at UNI, I don't see C (nor php) going away any
> time soon.
>
> Like C, you can shoot your{self, server} in the {f,r}oot with php.  The key
> is knowing how to, and then *not* doing that.  PHP problems seem to arise
> from people not privy to the first part.
>
> --
> Paul Gray                                         -o)
> 314 East Gym                                      /\\
> University of Northern Iowa                      _\_V
>   Message void if penguin violated ...  Don't mess with the penguin
>   No one ever says "Hey, I can't read that ASCII e-mail ya sent me."
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug

More information about the Cialug mailing list