On Mon, 4 Nov 2002, Paul Makepeace wrote: > > b) I don't believe that the general coding standard in the PHP binaries > > is as high as is necessary to survive on the modern Internet > > Well this is patently empirically shown to be false, since there are > millions of installed PHP systems quite happily surviving (specifically, > staying up and not causing the administrator to unload PHP in horror at > the onslaught of attacks).
You don't see all the machine pull and rebuild requests that get filed each time someone discovers a hole, and discovers our netblocks. Not that most of the compromised users use PHP or even know it's installed (as people mentioned in the netcraft thing) Then they reinstall all their content, with their server all patched up to the currently by our build process, and wait for the next exploit (php or otherwise). the hatter