| From: | Christopher Browne <cbbrowne(at)acm(dot)org> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Database Selection |
| Date: | 2006-04-27 01:59:15 |
| Message-ID: | 87vesvdbik.fsf@wolfe.cbbrowne.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
After takin a swig o' Arrakan spice grog, xzilla(at)users(dot)sourceforge(dot)net (Robert Treat) belched out:
> On Tuesday 25 April 2006 01:46, IvoD wrote:
>> My "sixth sense" tells me that PostgreSQL is better than MySQL,
>> therefore for main app I prefer PostgreSQL; but I am in doubt to
>> run only one db engine for two databases. But my "inner space"
>> tells me to separate newsgroups system and company data system and
>> run two different db engines - in light of security (although only
>> one db engine looks promissing).
>
> This seems pretty illogical if you follow that line of thinking out
> a little further. Would you expect it to be more secure if you ran
> one system on linux, apache, mod_foo and the other on bsd, lighty,
> and mod_bar ? Best to through your support behind one complete
> system (sounds like postgresql from previous postings) that can do
> the job and become an expert in making that system secure.
I approve of the "avoid monoculture" notion, in some ways.
After all, it *is* an enormous problem that the world is filled with
Windows systems that run the same kernels, most of the same drivers,
the same MS Office, the same Outlook, and which hence are vulnerable
to the varied array of Things That Attack Windows.
And "script kiddies" have had a history of analyzing what
vulnerabilities Red Hat left in their distribution. A monoculture of
Red Hat 7.2 systems isn't all that secure, either.
I think we'd be in a "better world," computing-wise, if we had some
better diversity of the sort where we had a multiplicity of platforms.
MVS, VMS, OS/2, Unix, all have been been meaningful to that end.
But I'm not at all sure that security is enhanced simply in the fact
of having multiple flavours of databases in the environment. I can
only see that being of material assistance once you have gotten to the
point where it *isn't* more useful to secure what you already have
than it is to introduce brand new components you need to learn to
secure.
--
let name="cbbrowne" and tld="gmail.com" in String.concat "@" [name;tld];;
http://cbbrowne.com/info/wp.html
If men can run the world, why can't they stop wearing neckties? How
intelligent is it to start the day by tying a little noose around your
neck? --Linda Ellerbee
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bob Shearer | 2006-04-27 02:40:12 | pg_dump |
| Previous Message | Christopher Browne | 2006-04-27 01:42:48 | Re: Database Selection |