PHP Security Slides Online

iBlog - Ilia Alshanetsky


Quicksearch
Calendar
Back December '24
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
Syndicate This Blog

Thursday, September 15. 2005

Posted by Ilia Alshanetsky in PHP, Talks

Comments (2)
Trackbacks (3)

PHP Security Slides Online

Slides for the PHP Security talk at PHP|Works are now up. You can download them in either PowerPoint or PDF form.

More to come shortly :-)
  • Twitter
  • Bookmark PHP Security Slides Online at del.icio.us
  • Facebook
  • Digg PHP Security Slides Online
  • Bookmark PHP Security Slides Online at reddit.com
  • Stumble It!

Trackbacks
Trackback specific URI for this entry

Rombert is a geek on : PHP conferences slides

I will keep a track of the excellent slides that many PHP gurus use in conferences. Happily for us, they decided to share. Ilia Alshanetsky - PHP|Works Performance Talk Slides (2005) Ilia Alshanetsky PHP - Security talk at PHP|Works (2005)

phpXperts on : PHP Security Slides Online

Slides for the PHP Security talk at PHP|Works are now up. You can download them in either PowerPoint or PDF form. Its time to rock!! ...

S.S. Intrepid on : php | works: day 2

On this second day of the conference I attended the following sessions: Upgrade Your Development to Web 2.0, presented by Amy Hoy | slides here  Managing PHP Performance, presented by Ilia Alshanetsky | slides here  Rich User Interfaces ...

Comments
Display comments as (Linear | Threaded)

Anonymous on :

Might have been useful to mention magic_quotes_sybase in your discussion of magic quotes. Also, your alternative register_globals exploit example doesn't mention the more insidious possibilities of http://www.colder.ch/news/09-09-2005/4/another-example-showing-t.html

It certainly would be nice if setting array offsets in an uninitialized variable was E_NOTICE. Neatly provides the tools to detect both of the alternate formulations of the register_globals issue.

(Previously brought up on internals by the author of that article: http://news.php.net/php.internals/18666 )

Ilia Alshanetsky on :

There are many ways to exploit register globals, a whole talk can be made on it. But there is relatively time frame, so only somethings can be covered.
That said, you are correct there are additional register_globals exploits aside from the ones shown here.

Add Comment
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

Frontpage - Top level
Guide to PHP Security
Categories
Archives

Blog Administration