[nycphp-talk] September Talk
Peter Sawczynec
ps at pswebcode.com
Tue Aug 16 13:17:09 EDT 2005
Can't agree more.
Security topics as related to all installations, administration and in
development should be advanced.
In books security steps should be Chapter 3, not Chapter 11. In discussions
security should be in Part 2 not in the closing Q&A. In READMEs security
steps should be organized and grouped near the top of the file. In seminars
recommended security should be discussed in the early hours of presentation.
Security steps should not be recommended later, they must be early,
mandatory, and restrictive.
E.g.: kudos to MySQL for their most recent installer that clearly enjoins a
password on root before deployment.
Why are installs by default too insecure and users have to stumble onto the
secure methods after the fact. Why not install locked down and let users
stumble onto the loosening methods after the fact.
Peter
-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of John Nunez
Sent: Tuesday, August 16, 2005 12:19 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] September Talk
I would like to heard more on this subject. I won't make it to
Sept.'s talk but what about podcasting it with slides?
On Aug 12, 2005, at 7:18 AM, Chris Shiflett wrote:
> 2. PHP Security Audit HOWTO
> Intermediate/Lecture
> 60 Minutes
_______________________________________________
New York PHP Talk Mailing List
AMP Technology
Supporting Apache, MySQL and PHP
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org
More information about the talk
mailing list