mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-15 16:38:54 +00:00

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@297028 c90b9560-bf6c-de11-be94-00142212c4b1
61 lines
2.3 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- splitted from ./index.xml, last change in rev 1.66 -->
<chapter xml:id="security.intro" xmlns="http://docbook.org/ns/docbook">
 <title>Introduction</title>
 <simpara>
  PHP is a powerful language and the interpreter, whether included
  in a web server as a module or executed as a separate
  <acronym>CGI</acronym> binary, is able to access files, execute
  commands and open network connections on the server. These
  properties make anything run on a web server insecure by default.
  PHP is designed specifically to be a more secure language for
  writing <acronym>CGI</acronym> programs than Perl or C, and with correct selection of
  compile-time and runtime configuration options, and proper coding
  practices, it can give you exactly the combination of freedom and
  security you need.
 </simpara>
 <simpara>
  As there are many different ways of utilizing PHP, there are many
  configuration options controlling its behaviour. A large
  selection of options guarantees you can use PHP for a lot of
  purposes, but it also means there are combinations of these
  options and server configurations that result in an insecure
  setup.
 </simpara>
 <simpara>
  The configuration flexibility of PHP is equally rivalled by the
  code flexibility. PHP can be used to build complete server
  applications, with all the power of a shell user, or it can be used
  for simple server-side includes with little risk in a tightly
  controlled environment. How you build that environment, and how
  secure it is, is largely up to the PHP developer.
 </simpara>
 <simpara>
  This chapter starts with some general security advice, explains
  the different configuration option combinations and the situations
  in which they can be safely used, and describes different
  considerations in coding for different levels of security.
 </simpara>
</chapter>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->