Re: open source PostgreSQL not supportable?

From: DA Morgan <>
Date: Tue, 10 Jan 2006 08:37:55 -0800
Message-ID: <>

Christopher Browne wrote:
>>Alexander Schreiber <> writes:
>>>Add backdoors and things get even more interesting. One commercial
>>>database (ISTR it was Interbase) shipped with a backdoor for years
>>>that only got discovered (and removed) when the code finally went
>>>Open Source.
>>Quite true. It's a good thing the Sarbanes-Oxley statute (a
>>U.S. law, not an international law, by the way) does not require
>>companies to trust Oracle et al more than they trust their DBA.
>>However, the statute does seem to leave it up to auditors to
>>determine what constitutes appropriate controls. I'm curious as to
>>what auditor told DA Morgan that he had to use a closed-source
>>product that is supposed to be tamper-proof. KPMG hasn't told my
>>employer anything like that.

> Our auditors didn't tell us anything like that, either.
> Perhaps someone is blowing smoke from their nether regions?

Well the auditors at a number of public companies in the Pacific Northwest have been rather clear about it. Are you with a publicly held company?

Daniel A. Morgan
(replace x with u to respond)
Received on Tue Jan 10 2006 - 17:37:55 CET

Original text of this message