Women in Technology

Hear us Roar



Article:
  PHP Security, Part 1
Subject:   Security or Reliability/Robustness
Date:   2003-10-14 05:07:27
From:   anonymous2
A general comment (I'm not a PHP coder but interested in PHP, but I'm knowledgable in security/trust).


I'm wondering if you deal with PHP security or if you're confusing it with reliability of PHP code.


More precisely: security generally encompasses aspects like authentication/identification, authorisation/acces control, confidentiality/privacy, and some other properties.


But the questions you want to answer are "What will happen if invalid data is entered into a form element? Is there any way a malicious user could make your script behave in an unintended way? What measures are being taken to prevent these attacks?"


"Invalid" and "unintended" clearly point to the reliability property, while "failures" would be more appropriate than "failures".