...
> I've been securing systems since I started an ISP in 1995, and so I've
> seen a lot of security vulnerabilities come and go, and I've got a bit
> of a feel for what kinds of things are typically exploited. And this one
> one just screams, "potential security vulnerability!" to me.
Sure, there is screaming all over the place :)
But the zeroth-order issue is not security. It is storage management for
large databases. Any scheme we have for accomplishing that must hold up
to scrutiny, but we can not refuse to proceed just because there are
"lions tigers and bears" out there.
I know you are being thoughtful about the issues, but the most secure
database is one which is not running. The most robust database is the
one with no data. We're pushing past that into large data management
issues and have to find a way through the forest. Security will be one
aspect by which we measure the solution. Scalability and robustness are
other issues, and there are still others. We'll talk about them all
before we are done ;)
- Thomas