LAMP Security

As reported in a few places, the “LAMP software stack was found to have less bugs than commercial offerings”: . It’s nice having some more support for the tools I love.

One of my favorite notes there, though, is the fact that even though the score for LAMP was lower than other tools, our average was raised by having PHP included in the stack.

_”There is one caveat: PHP, the popular programming language, is the only component in the LAMP stack that has a higher bug density than the baseline, Coverity said.”_

I think we’ve been saying that for a long time now.