PHPDeveloper.org: PHP 10.0 Blog: php -T (variable tainting)

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

PHPMaster.com: Zend Job Queue

Rob Diana's Blog: Web And Scripting Programming Language Job Trends - August 2011

Job Posting: Options Consulting Solutions Seeks PHP Developer Team Lead (Toronto, Canada)

Job Posting: FireScope Seeks Experienced Web Application Developer/Manager (Dallas, TX)

Kevin Schroeder's Blog: Added (PHP 5.3) job queuing to my WordPress instance

Job Posting: Jacob Group (Recruiter) Seeks Director of Software Development (Lacrosse, WI)

Job Posting: Skillshare Seeks Senior Frontend Engineer (New York, NY)

Job Posting: SoftLayer Seeks Software Engineer - Interface Development (Dallas, Tx)

Job Posting: Company Confidential Seeks Senior PHP Developer (Montreal, Quebec, Canada)

Job Posting: SoftLayer Seeks Software Engineer - Systems Development (Dallas, Tx)

News Archive

Community News: The Changelog Podcast

Site News: Popular Posts for the Week of 02.10.2012

Leaseweb Labs Blog: Migration to Symfony2 continued

SitePoint.com: How to Create Your Own Random Number Generator in PHP

Refulz.com: The __toString() Method - Objects as Strings

PHPMaster.com: Using Traits in PHP 5.4

Site News: Blast from the Past - One Year Ago in PHP

Ibuildings techPortal: DPC Radio: Implementing OAuth

Artur Ejsmont's Blog: A few words on bugs and software quality

Developer Drive: Building a PHP Ad Tracker: Data Object Design and Coding

PHP 10.0 Blog:
php -T (variable tainting)

by Chris Cornutt December 11, 2006 @ 10:26:00

On the PHP 10.0 Blog, there's a new post today talking about variable tainting and what it might be like if PHP included it too.

Perl and Ruby have variable tainting. Maybe PHP should have it too?

Variable tainting is a bit of built-in functionality that provides a "safety net" of sorts to the contents of variables to help protect both the users and the script itself from potentially harmful content.

He talks about how Ruby and Perl handle the functionality and how, were PHP to work it in, which approach would fit better with PHP's current model:

If one wants to implement proper tainting or sandboxing, it probably should be based on more generic approach that would account for existence of functions unknown in design time.

0 comments voice your opinion now!
variable tainting perl ruby sandbox unsafe content protect variable tainting perl ruby sandbox unsafe content protect

Community Events

Don't see your event here?
Let us know!

All content copyright, 2012 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework