Comment by chasil
9 hours ago
I like PHP because it allows access to core system calls on any platform.
I see runtime interpreters as constraining when a system call is needed, but proscribed.
9 hours ago
I like PHP because it allows access to core system calls on any platform.
I see runtime interpreters as constraining when a system call is needed, but proscribed.
You don't want to use PHP (a server-sided language) to solve a client-side problem.
I know a person who wrote Linux X Desktop Environment using PHP. Worked for them. It is general purpose programming language.
> [PHP] is general purpose programming language.
To be charitable, yes — PHP has access to low-level system details like the file system, sockets, and processes.
> I know a person who wrote Linux X Desktop Environment using PHP. Worked for them.
However: (a) "Worked for them" is an anecdote, not evidence of comparative suitability; (b) Don't confuse possibility with empirical fitness for purpose. Virtually all decisions are relative to alternatives [1]; (c) Even PHP describes itself as only a "general purpose scripting programming language" [2].
Note that "scripting language" itself can hide important differences. PHP 8 introduced JIT compilation [3] which helps.
[1] In negotiation terms, your BATNA (Best Alternative to a Negotiated Agreement). When evaluating technologies, don't forget the human cost, so consider your BATSHIT: Best Alternative To Shackling Humans In Tedium (or whatever expansion you prefer).
[2] https://www.php.net/
[3] https://upsun.com/blog/php-just-in-time-compiler/
PHP devs: "hold my beer."
'Member when a major crypto exchange, which had original been a market place for Magic the Gathering cards (so it was not a mountain named Gox), was hacked and everyone's crypto stolen because the owner had implemented his own SSH server in PHP?
> I like PHP because it allows access to core system calls on any platform.
Lots of people _love_ PHP precisely because of the size of its attack surface.
Do you have any examples of something you've built in PHP which benefitted from direct syscall access?
I keep hearing about this. I occasionally use PHP8 and so far I'm pretty happy with it. Is there any resource that teaches about security issues with modern PHP (version 8.x)?