[BangPypers] [OT] language fanaticism
lawgon at gmail.com
Thu Jul 14 11:03:22 CEST 2011
On Thu, 2011-07-14 at 10:31 +0530, Baishampayan Ghose wrote:
> > what fun!
> I don't understand how Django apps can automatically guarantee a
> certain level of security while PHP applications can't. Are you trying
> to indicate that each and every Django app that you've built is free
> from any security hole?
I would not know - I use standard django with no extra security. When
they announce that there is a hole, (which they have done twice in the
last 6 years) I just do an 'svn up'.
> IMHO if an application is insecure, it's the programmer who is to
> blame and not the language/framework.
while broadly true, you really need to work at it to make a django app
insecure while you really need to work very hard to make a php app
More information about the BangPypers