On 01/07/05, Andrew Scott <andrews@xxxxxxxxxxxxxxxxxxx> wrote: > Stut, > > FYI here is a copy of the text after installing php. <snip> > Warning > > Be aware, that this setup of PHP is not secure. If you would like to > have a secure PHP setup, you'd better go on the manual way, and set > every option carefully. This automatically working setup gives you an > instantly working PHP installation, but it is not meant to be used on > online servers. Ok, now I see the root of your comment. Maybe it's just me but I never assume that any automatic installation will create a secure environment. The reason for that is that the installer cannot possibly know what it needs to do to make the system secure - that's what sysadmins are for. I must also point out that a system that used this installer to set up PHP can be secured in exactly the same way as any other in much the same way as anyone doing it manually can create a setup that is less secure than using the installer to do it for them. So, I was technically wrong but IMHO the point is flawed since nothing should be assumed to be secure out of the box. With that convenient diversion hopefully settled you are still yet to convince me that CF offers any significant advantage over PHP. -Stut -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
