Found security expliot in port phpBB 2.0.8 FreeBSD4.10

[Roger Marquis]

> Julian Elischer <julian at elischer.org> writes:
> ...or we could urge them to stop using PHP at all.

If only... but in favor of what, Perl?  One nice thing about PHP
is its similarity to Java/JSP.  Learn one and you're part way to
learning the other, and JSP really is a web technology the security
community should be encouraging.

> Kris Kennaway <kris at obsecurity.org> wrote:
> Remember that FreeBSD is supported by the community, so you also could
> have submitted the update but didn't.

With all due respect to Kris and his excellent work, shooting the
messenger is probably not the best way to encourage discussion of
substantive issues.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/