On 19.11.2007, at 21:50, David Zülke wrote:
Am 18.11.2007 um 22:53 schrieb Lukas Kahwe Smith:
Stefan so what is your point then? Since neither can be 100%
secure, do not use any? Or just do not bundle either?
Yes, that is exactly the way to go. To quote Yoda (and he would
know): "Do, or do not. There is no try.". Or, in contemporary
words: do things 100% properly, but if that is not possible, take a
step back and spare the world some half arsed attempt.
This makes no sense to me. There is nothing like 100% secure as long
as you dont pull the plug on the entire application. The only secure
application is one that hasnt been deployed anywhere. So the question
boils down to more "does this increase security sufficiently to make
the draw backs acceptable".
regards,
Lukas
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
