Php vs Python gui (tkinter...) for small remote database app
Menno Holscher
mennoholscher at gmail.com
Tue Jun 15 15:50:49 EDT 2021
Op 15-06-2021 om 19:14 schreef Grant Edwards:
> On 2021-06-15, Menno Holscher <mennoholscher at gmail.com> wrote:
>
>> There is no difference regarding security concerns.
>
> I find that hard to believe given the long list of CVEs I've just had
> to sort through for even fairly recent versions of PHP. I just can't
> belive that Python has anywhere close to that many secruity issues.
>
An excellent example. The "concerns" here are "Is this platform safe?"
and "Does the supplier/community react promptly to security problems?".
In case of PHP indeed the safety of the platform is a worry, however,
apparently if there is a problem, action is taken.
How does the Tkinter/TCL/TK software or the PyQt/Qt do in that respect?
Just looking at the number of CVEs, is that enough? What if one of these
stacks has few, but long outstanding security problems? Would that be
better or worse than the situation for PHP?
As an aside, I do not know the amount of CVEs PHP nor Python is
receiving. When I search the NIST CVE database for the word Python I get
43 hits for the last 3 months. None of those are against the language or
the CPython interpreter and only 1 against a Standard Library package or
module (urllib3). A lot of the others are for web frameworks and
extensions for those, as well as Tensorflow. So as you argue, it seems
Python does really well as a secure development platform.
--
Met vriendelijke groet / Kind regards
Menno Hölscher
More information about the Python-list
mailing list