What offer the best security for all , Perl, PHP or ASP?
Languages don't generally offer security at all. Those that do are probably proprietary languages being sold by companies with imaginative but technically ignorant marketing departments that would print anything to increase revenues.
If you want security, you'll need a solid understanding of the issues, sound programming practices, and rigorous testing. Even after the program is written and deployed, the security of the system will depend on the skill of the administrators in configuring it securely. The language that the software is written in really doesn't matter much.
Still, some languages make it easier to write secure code by providing tools that assist in it. For instance, Perl provides a tainting mechanism (the -T switch) that, when used correctly, can help you to avoid accidentally using user supplied data in places where it could be unsafe to do so. PHP fails to provide such a mechanism and I don't think ASP has it either. (I know next to nothing about ASP though, so don't take my word for it.) Perl also provides the ops pragma and the Safe module to restrict access to opcodes in compiled code. The closest PHP comes to that is the ability to disable functions in the global configuration. (Note that disabling functions is a far cry from disabling opcodes and PHP builtins like "echo" cannot be disabled.)
None of this is to say that I think Perl is more secure than PHP. I do appreciate some of the tools it provides to help write secure programs though. The security of the whole system depends entirely on the developers of the software being run and the administrators configuring it.
-sauoq "My two cents aren't worth a dime.";
In reply to Re: Security - Perl, PHP or ASP?
by sauoq
in thread Security - Perl, PHP or ASP?
by webstudioro
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |