[Owasp-brazilian] PHP Conference 2008

Wagner Elias wagner.elias at gmail.com
Wed Jun 18 11:10:44 EDT 2008


Register_Global, Magic_Quotes, é problema do PHP ou do programador que
não faz sanitização de dados?

Os recursos da linguagem estão lá, basta você saber usar...

Eu costumo dizer que a maioria dos problemas de segurança é causado
por quem não sabe programar...Pode usar qualquer linguagem, quem não
sabe programar vai fazer merda...

Abs.

2008/6/17 Thiago Lechuga <thiagoalz at gmail.com>:
> PHP ≈ Falha de segurança!
>
> haiuahiuah
>
> Sds,
>
> Thiago Alvarenga Lechuga
> (19)9153-3822
>
> Página Pessoal:
> http://thiagoalz.googlepages.com/home
> http://segurancawebbr.blogspot.com/
>
> ===Knowledge is only useful if you can share it.===
>
> 2008/6/17 Wagner Elias <wagner.elias at gmail.com>:
>>
>> Eu prefiro falar de PHP, pois a linguagem teve uma evolução e muita
>> gente ainda mete o pau sem conhecer...Os aspectos de segurança em PHP
>> são vastos e é interessante salientar, afinal muita gente usa PHP...
>>
>> Abs.
>>
>> 2008/6/17 Myke <mykesh at gmail.com>:
>> > eu particularmente não acho interessante falar de infra numa con de dev.
>> >
>> >
>> > On 6/17/08, Rodrigo Montoro(Sp0oKeR) <spooker at gmail.com> wrote:
>> >> Sera que aceitam algo de web application firewall com modsecurity?
>> >>
>> >> []zz
>> >>
>> >>
>> >> On Tue, Jun 17, 2008 at 5:55 PM, Thiago Lechuga <thiagoalz at gmail.com>
>> >> wrote:
>> >>
>> >> > Já que é de php alguem podia ir lá falar também de MagicQuotes....
>> >> > Chega
>> >> me dá calafrios quando alguém fala que MagicQuotes evita SQL Injection!
>> >> >
>> >> > hehehe
>> >> >
>> >> > Sds,
>> >> >
>> >> > Thiago Alvarenga Lechuga
>> >> > (19)9153-3822
>> >> >
>> >> > Página Pessoal:
>> >> > http://thiagoalz.googlepages.com/home
>> >> > http://segurancawebbr.blogspot.com/
>> >> >
>> >> > ===Knowledge is only useful if you can share it.===
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Tue, Jun 17, 2008 at 15:33, Wagner Elias <wagner.elias at gmail.com>
>> >> wrote:
>> >> >
>> >> > > Eu vou submeter uma palestra!
>> >> > >
>> >> > > Abs.
>> >> > >
>> >> > >
>> >> > >
>> >> > >
>> >> > > On Tue, Jun 17, 2008 at 3:21 PM, Myke <mykesh at gmail.com> wrote:
>> >> > > > Pessoal,
>> >> > > >
>> >> > > > Alguém se habilita?
>> >> > > >
>> >> > > > http://phpconference.com.br/
>> >> > > >
>> >> > > >
>> >> > > >
>> >> > > > obs:
>> >> > > >
>> >>
>> >> http://jeremiahgrossman.blogspot.com/2008/06/developers-dont-go-to-security.html
>> >> > > > _______________________________________________
>> >> > > > Owasp-brazilian mailing list
>> >> > > > Owasp-brazilian at lists.owasp.org
>> >> > > >
>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>> >> > > >
>> >> > >
>> >> > >
>> >> > >
>> >> > > --
>> >> > > Att.
>> >> > > Wagner Elias
>> >> > > http://wagnerelias.com
>> >> > >
>> >> > >
>> >> > >
>> >> > > _______________________________________________
>> >> > > Owasp-brazilian mailing list
>> >> > > Owasp-brazilian at lists.owasp.org
>> >> > >
>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>> >> > >
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > Owasp-brazilian mailing list
>> >> > Owasp-brazilian at lists.owasp.org
>> >> >
>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> ===========================
>> >>  Rodrigo Montoro (Sp0oKeR)
>> >> Security Analyst
>> >> SnortCP / RHCE / LPIC-I / MCSO
>> >> http://www.spooker.com.br
>> >> http://www.snort.org.br
>> >> http://www.linkedin.com/in/spooker
>> >>  ===========================
>> >> _______________________________________________
>> >>  Owasp-brazilian mailing list
>> >>  Owasp-brazilian at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>> >>
>> >>
>> > _______________________________________________
>> > Owasp-brazilian mailing list
>> > Owasp-brazilian at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>> >
>>
>>
>>
>> --
>> Att.
>> Wagner Elias
>> http://wagnerelias.com
>> _______________________________________________
>> Owasp-brazilian mailing list
>> Owasp-brazilian at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>
>
> _______________________________________________
> Owasp-brazilian mailing list
> Owasp-brazilian at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>
>



-- 
Att.
Wagner Elias
http://wagnerelias.com


More information about the Owasp-brazilian mailing list