Re: open source PostgreSQL not supportable?
Date: Tue, 10 Jan 2006 08:37:55 -0800
Message-ID: <1136911068.219332_at_jetspin.drizzle.com>
Christopher Browne wrote:
>>Alexander Schreiber <als_at_usenet.thangorodrim.de> writes:
>>
>>
>>>Add backdoors and things get even more interesting. One commercial
>>>database (ISTR it was Interbase) shipped with a backdoor for years
>>>that only got discovered (and removed) when the code finally went
>>>Open Source.
>>
>>Quite true. It's a good thing the Sarbanes-Oxley statute (a
>>U.S. law, not an international law, by the way) does not require
>>companies to trust Oracle et al more than they trust their DBA.
>>However, the statute does seem to leave it up to auditors to
>>determine what constitutes appropriate controls. I'm curious as to
>>what auditor told DA Morgan that he had to use a closed-source
>>product that is supposed to be tamper-proof. KPMG hasn't told my
>>employer anything like that.
> > > Our auditors didn't tell us anything like that, either. > > Perhaps someone is blowing smoke from their nether regions?
-- Daniel A. Morgan http://www.psoug.org damorgan_at_x.washington.edu (replace x with u to respond)Received on Tue Jan 10 2006 - 17:37:55 CET