KaiGai Kohei <kai...@kaigai.gr.jp> wrote: > Previous security researcher pointed out security is trading-off, > not all-or-nothing. If we can plug most part of the threat with > reasonable performance degrading, it is worthwhile to fix up. I had the pleasure of hearing Admiral Grace Hopper[1] speak at an ACM luncheon once. When she discussed security, she asserted that there was no such thing as security which could not be breached. The goal of security efforts should not be to make it perfect, because you can't; any time you convince yourself you have that you are simply fooling yourself and missing the vulnerabilities. In her view the goal was to make the costs of breaching security higher to the perpetrator than the benefits. Each obstacle in their way helps tip the scales in your favor. -Kevin http://en.wikipedia.org/wiki/Grace_Hopper
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
