PHP Security Research - overview
The LAMP stack (Linux, Apache, mySQL, PHP/Perl/Python) is very popular because of the ease with which web applications can rapidly be developed. Substantial open source code exists to rapidly create Web applications. However, software quality, including security, is a major issue for the deployment of such applications. Security flaws, for instance, can be introduced at several points in the life cycle of a Web application:
- at the client side in the web browser,
- on the wire,
- at the front end of the server,
- in the web application on the server,
- at Web services level, and
- in the back end (e.g., databases).
Our approach for addressing the end-to-end software quality and security of Web applications consists of building tools for analyzing programs written in multiple languages. Our current focus is on analyzing PHP applications for detecting software errors, including security vulnerabilities that may exist in such applications. Our approach includes not only analysis of PHP programs, but also includes analysis of configuration files, and the interplay that exists between PHP, Apache, and database configurations.
- Tadeusz Pietraszek, Chris Vanden Berghe. Defending against Injection Attacks through Context-Sensitive String Evaluation. In Recent Advances in Intrusion Detection (RAID 2005), volume 3858 of Lecture Notes in Computer Science, pages 124-145, Seattle, WA, 2005. Springer-Verlag.
- V.C. Sreedhar. Static and Dynamic Analysis for PHP Security. NYPHPCon. (PDF)
- Wietse Venema. PHP tainted variables. NY PHP users group. (PPT) ]