On 28 Jun 2012, at 08:05, Tei wrote:
On 27 June 2012 09:50, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
(<troll>specially for a Web site written in PHP</troll>)?
We software makers have a problem, when a customer ask for a application, often theres a wen project that already do it ( for the most part is a round peg on a round hole). So a natural solution is to install this project and customize it to his needs (theme, perhaps some programming). The other option is to create a code from scratch (perhaps using a framework).
If you create the code from scratch, it will be safe.
I would challenge this. This is not true unless you follow very strict rules to make your code safe, and even then, you are not completely safe.
A tree cant get a human virus, and a human can't get a tree virus. You are not unhackable, bad practices will byte you on the long term, but you don't see exploits made specifically for this custom made code daily.
Think about sql injection, they are not only to specific platforms but to general bad programming practices. <snip the rest, it just … sucks > =) Regards, as