>From my own mail archives, PHP appears to make up at least 4% of the email to bugtraq I see - or over 1000 issues since 1995, out of the 25,000 I have saved. People complain about applications like sendmail...in the same period, it has been resopnsible for less than 200. Do we have a new contender for worst security offender ever written ? And where are the more secure drop-in rewrites ? Darren