On Fri, May 16, 2008 at 11:52 AM, ydjango <[EMAIL PROTECTED]> wrote: > I do not want to make it easy for some one who breaks in , either a > outsider or may be an rougue hosting provider employee or contractor, > to easily get access to all the information - data and code.
Again: if this is your worry, you have bigger problems. Allow me to suggest an alternate method: (satire begins here, for the humor-impaired) 1. Physically obtain the server upon which the code is stored. Write random data to the relevant sectors of the hard drive seven times over, then write zeroes to it seven times over, then write random data again. 2. Physically destroy the hard drive. Sledgehammers are good for this. 3. Place the shards of the hard drive into a vat of highly caustic acid. 4. Once the shards have dissolved, burn the resulting acidic liquid. Be sure to capture the smoke. 5. Cool the smoke until it turns back to ash. Mix the ash into the center of a reinforced concrete slab, at least 27 cubic feet in volume. 6. If you have access to sufficient technology, launch the concrete slab into space, on a course to collide with the Sun or (better) with any singularity which happens to be nearby. The singularity is best because -- even though it may not guarantee destruction of the information -- the subjective time to observe the rocket crossing the event horizon, from the frame of reference of a person some distance from it, will be effectively infinite, causing most attackers to give up. 7. If you do not have access to sufficient technology, have the concrete slab stored in a nuclear-hardened bunker, with no Internet connection, in a room using biometric identification keyed to yourself, and with the whole complex guarded 24/7 by US Navy SEALs. Maintain this watch until the technology available to complete step (6) becomes available to you. Once you've completed this process, your application code will be safe, for a reasonable value of "safe". (satire ends here) Or you could just find a host who properly sets up file permissions so that random people can't access your application code. Unless you own and personally supervise all of the following you will be susceptible to rogue employees: the server, the rack in which it's located and the datacenter in which the rack is found. Many people do not find that the perceived security gains of doing so outweigh the financial and maintenance drawbacks. YMMV. -- "Bureaucrat Conrad, you are technically correct -- the best kind of correct." --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
