Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> comp.databases.theory -> Re: open source PostgreSQL not supportable?

Re: open source PostgreSQL not supportable?

From: Christopher Browne <cbbrowne_at_acm.org>
Date: Mon, 09 Jan 2006 18:42:41 -0500
Message-ID: <m3u0cdvuha.fsf@mobile.int.cbbrowne.com>


> Alexander Schreiber <als_at_usenet.thangorodrim.de> writes:
>
>> Add backdoors and things get even more interesting. One commercial
>> database (ISTR it was Interbase) shipped with a backdoor for years
>> that only got discovered (and removed) when the code finally went
>> Open Source.
>
> Quite true. It's a good thing the Sarbanes-Oxley statute (a
> U.S. law, not an international law, by the way) does not require
> companies to trust Oracle et al more than they trust their DBA.
> However, the statute does seem to leave it up to auditors to
> determine what constitutes appropriate controls. I'm curious as to
> what auditor told DA Morgan that he had to use a closed-source
> product that is supposed to be tamper-proof. KPMG hasn't told my
> employer anything like that.

Our auditors didn't tell us anything like that, either.

Perhaps someone is blowing smoke from their nether regions?

-- 
select 'cbbrowne' || '@' || 'cbbrowne.com';
http://cbbrowne.com/info/rdbms.html
/Utopia-Bold  40 selectfont/n{moveto}def/p{gsave true charpath clip 72
400 n 300 -4 1{dup 160 300 3 -1 roll 0 360 arc 300 div 1 1 sethsbcolor
fill}for grestore 0 -60 rmoveto}def 72 500 n(This signature has been)p
(brought to  you by the)p(letter  Q and the number 42.)p(Chris Browne)
p(chris_at_cbbrowne.com)p showpage
Received on Mon Jan 09 2006 - 17:42:41 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US