[ic] Considering interchange

Stefan Hornburg racke at linuxia.de
Tue Mar 14 04:56:00 EST 2006


Mike Heins wrote:
> Quoting Mick Szucs (mick at scrapbookgraphics.com):
> 
>>Hello, all.
>>
>>The warning that this list is "high traffic" seems a little unfounded now.
> 
> 
> I remember the warning -- we used to get 15,000 messages a year -- but
> I forget where it is.
> 
> 
>>I'm running a reasonably successful osCommerce site right now and I'm
>>looking to move to something that, umm... sucks less.  Interchange seems
>>to be flexible and well written, plus I *heart* Perl.
> 
> 
> Welcome. I believe osCommerce and the success of PHP is probably one
> of the reasons Interchange's mail list is not so busy any more. I have
> never really looked at PHP carts, because I think security is generally
> very poor on PHP. I know it is improving, but it still is a crack
> waiting to happen.

I doubt that it makes sense to judge the "security" of a programming language.
There were many problems in the past with badly written Perl CGI scripts as well.
In fact, the concern is security of web applications or dynamic pages in general.
The typical website owner downloads an application (nowadays often PHP), installs
it and probably never updates it. Malicious users can easily exploit said
applications to get webserver rights on a host on known problems.

Bye
	Racke



More information about the interchange-users mailing list