On Thu, 2007-11-01 at 07:59 -0500, Michael Stahnke wrote:
Again, blaming the lanaguage doesn't make a ton of sense. If
you're
worried about XSS, audit the code. If you're worried about buffer
attacks, run SELinux. The list goes on.
These same security measures should be taken with any application in
any lanaguage. Just because we have some PHP-haters out there,
doesn't really mean it sucks. Sure it's easy to write bad code in.
So is Bash. Should we ban bash from all Fedora systems? I can write
all sorts of junk with it.
If someone was writing a public-facing non-authenticated application in
bash, then yes, I would not recommend using it, too.
-sv