Hrm. Yes, php can be vulnerable, but I was more worried about phpmyadmin and the potential of direct access to my databases.
This particular server runs red hat 7.3, and they bundle php with their distro. They also patch everything in their distros fairly regularly and I subscribe to their update services, I feel fairly secure in their offerings. I was mostly fishing for any horror stories out there from people that installed phpmyadmin and were hacked because of it. I like the convenience, but am not willing to sacrifice security. I am however willing to run php, so the security concern is purely with phpmyadmin. Any advice would be most appreciated, Mitchell On 10/25/02 11:47 AM, "Thomas Seifert" <[EMAIL PROTECTED]> wrote: > I don't want to start a flame but where do take this from? > Every security-hole in php has been fixed shortly after it was known. > > Its as secure as any other server-side scripting-language in the web. > > > Thomas > > On Fri, 25 Oct 2002 10:40:32 -0500 "Ed Carp" <[EMAIL PROTECTED]> wrote: > >> PHP itself is not secure unless special steps are taken to secure it, and >> even then it's no guarantee. There have been several exploits published >> against PHP, and a few of them have been root exploits. I avoid PHP when I >> can, especially on shared servers. >> > > sql, query > > --------------------------------------------------------------------- > Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > > To request this thread, e-mail <[EMAIL PROTECTED]> > To unsubscribe, e-mail <[EMAIL PROTECTED]> > Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php > > --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
