SecurityFocus.com: PHP Security From The Inside (Interview with Stefan Esser)

Wed, 07 Feb 2007 11:36:00 -0600

Over on the SecurityFocus website, there's an interview posted with Stefan Esser of the Hardened-PHP Project (as interviewed by Federico Biancuzzi.

Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.

Some of the topics discussed include

the Hardened-PHP Project
Suhosin
the PHP Security Response Team (his role in it and why he left)
PHP5's security focus versus PHP4's
and more...

Check out the full interview to have all of your questions answered.

PHPDeveloper.org

SecurityFocus.com: PHP Security From The Inside (Interview with Stefan Esser)