DB design document
David Merrill
dmerrill@lupercalia.net
Thu, 21 Dec 2000 13:25:59 -0500
On Thu, Dec 21, 2000 at 01:13:02PM -0500, Derek Atkins wrote:
> <linas@linas.org> writes:
>
> > Lets reanalyse the requirements. You want security. Why? to run over
> > the open internet? If you're running over the open internet, then
>
> Not exactly. It's just that I don't trust the network I'm sitting on,
> regardless of where I am. Let's suffice it to say that there ain't no
> such thing as a "trusted network." The whole concept is flawed. Let me
> explain what I mean.
You're not paranoid, they really are out to get you.
Seriously, though, you're right about the strong security
requirements. We cannot possibly be too careful. Trust nobody.
> I think as we discuss APIs this will "fall out" as we try to abstract
> out the data store. This will all be necessary if we modularlize the
> SQL code anyways. So we should get a lot of this discussion for free,
> provided that we do limit the scope of where SQL enters the rest of
> GnuCash.
I think the SQL code should not be marshalled over the wire. Keep SQL
on the server side entirely.
--
Dr. David C. Merrill http://www.lupercalia.net
Linux Documentation Project dmerrill@lupercalia.net
Collection Editor & Coordinator http://www.linuxdoc.org
Finger me for my public key
Corn and Grain, Corn and Grain
All that falls shall rise again