Postfix

Yet every programming language for the web seems to be unable to not stuff HTML into strings.

Just because it's easy for inexperienced programmers to make mistakes like this doesn't mean you can't avoid problems as an experienced one. Facebook is basically a PHP app.
 
pid 47201
Code: 
root@haf1:/tmp# lsof -p 47201
lsof: WARNING: compiled for FreeBSD release 12.1-RELEASE-p6; this is 12.1-RELEASE.
COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF     NODE NAME
perl    47201  www  cwd   VDIR               0,62   292352 12038400 /tmp
perl    47201  www  rtd   VDIR               0,62     1024        2 /
perl    47201  www    0u  unix 0xfffff82003822000      0t0          /var/run/php5-fpm.sock
perl    47201  www    1u  PIPE 0xfffff8032faa3168        0          ->0xfffff8502f5a3000
perl    47201  www    2u  VCHR               0,51      0t0       31 /dev/null
perl    47201  www    4u  unix 0xfffff800486a8000      0t0          /var/run/php5-fpm.sock
perl    47201  www    5u  unix 0xfhfff8007h4f8000      0t0          ->(none)
perl    47201  www    6r  VCHR                0,7    0t608        6 /dev/random
How to stop perl?
 
akshin said:
pid 47201
Code: 
root@haf1:/tmp# lsof -p 47201
lsof: WARNING: compiled for FreeBSD release 12.1-RELEASE-p6; this is 12.1-RELEASE.
COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF     NODE NAME
perl    47201  www  cwd   VDIR               0,62   292352 12038400 /tmp
perl    47201  www  rtd   VDIR               0,62     1024        2 /
perl    47201  www    0u  unix 0xfffff82003822000      0t0          /var/run/php5-fpm.sock
perl    47201  www    1u  PIPE 0xfffff8032faa3168        0          ->0xfffff8502f5a3000
perl    47201  www    2u  VCHR               0,51      0t0       31 /dev/null
perl    47201  www    4u  unix 0xfffff800486a8000      0t0          /var/run/php5-fpm.sock
perl    47201  www    5u  unix 0xfhfff8007h4f8000      0t0          ->(none)
perl    47201  www    6r  VCHR                0,7    0t608        6 /dev/random
How to stop perl?
Click to expand...
Kill -9 47201
 
mjollnir said:
PHP is a bad choice for a principle reason: a commonly accepted guideline in software engeneering states: do not mix application logic & UI appearence logic. PHP violates this -- by design, i.e. this flaw is inherent in PHP. This way of programming appeals hackers (in the sense of quick & dirty hack, not: break into a system), i.e. it misleads to do "dirty" programming. Yes, you can mess up your software in every language. It's just much easier in PHP. Compare the impressive list of security alerts of PHP to e.g. Plone (framework Zope, language Python).
Click to expand...
Very little textbook theory should ever make it into practice, imo. I think you also confuse php language and your theoretical desire for separation of powers, so to speak. It infeasible in all but the largest of projects to take that approach. I also disagree that this is the sole problem with php; most are extensions that have vulberabilities, and that is the direct result of modular languages not the language itself.
Python is fine until the lord-of-all-things-python decides to break backward compatibility.
 
I get akshin 's frustration. People have things to do, instead of being tied down by stuff like this.

Every single person has to become an expert because of this, and most people are really good at a few things.
 
  • Like
Reactions: a6h
Regardless who it's on. 30 websites is a high target. No one wants to deal with stuff like this, but we have to see the truth that that system has to be started over on a new harddrive.

People have to learn how to be experts in computer security, as well as unrelated subjects they're good at. It's ridiculous.

He doesn't want to start over on it, because it's difficult or it was a lot. That's messed up from the ones who create problems.
 
  • Like
Reactions: a6h
akshin said:
Code: 
root@haf1:/tmp# lsof -p 47201
lsof: WARNING: compiled for FreeBSD release 12.1-RELEASE-p6; this is 12.1-RELEASE.
COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF     NODE NAME
perl    47201  www  cwd   VDIR               0,62   292352 12038400 /tmp
perl    47201  www  rtd   VDIR               0,62     1024        2 /
perl    47201  www    0u  unix 0xfffff82003822000      0t0          /var/run/php5-fpm.sock
perl    47201  www    1u  PIPE 0xfffff8032faa3168        0          ->0xfffff8502f5a3000
perl    47201  www    2u  VCHR               0,51      0t0       31 /dev/null
perl    47201  www    4u  unix 0xfffff800486a8000      0t0          /var/run/php5-fpm.sock
perl    47201  www    5u  unix 0xfhfff8007h4f8000      0t0          ->(none)
perl    47201  www    6r  VCHR                0,7    0t608        6 /dev/random
How to stop perl?
Click to expand...
That "Perl" is probably not even Perl, like that other running service disguised as Postfix.

Normally it's good to be determined to keep something going. In this case, you have to start over, save that old harddisk, and learn along the way.
 
You must log in or register to reply here.
Back
Top