FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Heartbleed bug?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Heartbleed bug? [message #185558 is a reply to message #185556] Fri, 11 April 2014 01:58 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 4/10/2014 7:47 PM, The Natural Philosopher wrote:
> On 11/04/14 00:01, Denis McMahon wrote:
>> On Thu, 10 Apr 2014 14:03:25 +0200, Christoph Michael Becker wrote:
>>
>>> Jerry Stuckle wrote:
>>
>>>> You can ASS-U-ME all you want. I go by the facts. And if I were
>>>> concerned about PHP being involved, I would ask the OpenSSL people.
>>
>>> I would rather ask the PHP people, because they know best in which way
>>> PHP uses OpenSSL. Fortunately, that is not necessary anymore:
>>
>> As far as I can tell, PHP does not "use" OpenSSL directly itself, unless
>> a person writing php scripts calls functions that do use OpenSSL, and it
>> only seems to be when those functions are used that the vulnerability can
>> be exploited.
>>
>> For example, the following php script as a web page has no exposure to
>> the OpenSSL vulnerability:
>>
>> <?php
>> echo "<!doctype html><html lang='en'><head><title>Test</title></
>> head><body><h1>Hello World</h1></body></html>"
>> ?>
> ER, it COULD if it was running on a secure server!!!
>
>>

But that wouldn't be a PHP problem. It would be an Apache problem.


--

Ineptocracy

(in-ep-toc’-ra-cy). 1. Anything involving TNP. 2. See 1.
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: cURL and response code 302
Next Topic: PHP Parse error: syntax error, unexpected '$sql' (T_VARIABLE) in
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 23 21:00:44 GMT 2024

Total time taken to generate the page: 0.04901 seconds