website coded in python ?

Nerigal

Verified User
Joined
Jul 6, 2009
Messages
124
Hi ,

was just curious to know what you guys think about website coded in python...
im not familiar to python website ( run in cgi ) but i do know python is hacker's language...

is using this language as website a security risk ? what is the gain ?
is there something you can do in python that can't do in php ?

also my customer need GIT to run it... how this would interact with directadmin... is this GIT framework and other security or stability hole ?

this is obscure to me and here is the only place i can find credible information because of the DA environment.


thanks for help
 
Python is not just a hacker's language, it is a legitimate scripting programming language as is Perl, Php, ... The choice of programming language really depends on what you hope to accomplish as well as what you already know. Some languages are better at parsing or regular expressions or some other strengths. I can't think of anything that you can do in Python that you couldn't do in Php, but that doesn't mean Php is the better language. What can be done with 50 lines of Python may take 2000 lines of Php to replicate, it really depends on what it ultimately wants to do.

The only security risk I can think of in running a Python script as opposed to Php, is that there aren't any built-in mechanisms to prevent the script from accessing anything outside of the users directory. Of course that is no different than running a Perl script or any other scripting language as a cgi. Php does have the option (and DA uses it) to prevent access to files outside of that users home. If all your files are secured, then this really shouldn't pose too much of a threat, since they still shouldn't be able read/write to your system files.

Git is just a source code control system. I am not entirely sure they can use it without shell access on a DA server. At least any time I have used it, was from the command line or through a GUI to my desktop. I am guessing that they really don't require Git on the DA server. They should be able to pull their info down to a staging directory on their desktops and then push them to the DA server, I have done that with many open source packages I have used.
 
Back
Top