On Wed, Apr 12, 2006 at 12:32:52PM +0200, Peter Eisentraut wrote:
> Am Dienstag, 11. April 2006 23:20 schrieb Tom Lane:
> > In the end it's only one small component of security, but any
> > security expert will tell you that you take all the layers of
> > security that you can get.
>
> I think what the security experts are saying is that you need a
> thorough evaluation of assets, attackers, risks, and
> countermeasures, and I don't see that here.
Exactly. One security expert you may have heard of, Bruce Schneier,
has laid out a 5-step process, and we haven't gotten to step 1 yet
where the proposal is "turn PL/PgSQL off by default."
Bruce Schneier's 5-Step Security Evaluation

1. What assets are you trying to protect?
2. What are the risks to those assets?
3. How well does the security solution mitigate those risks?
4. What other risks does the security solution cause?
5. What costs and tradeoffs does the security solution impose?
Let's start with step 1 and go forward from there.
Cheers,
D
--
David Fetter <david@fetter.org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666 Skype: davidfetter
Remember to vote!