Chris Angelico <ros...@gmail.com> writes: > On Thu, May 19, 2011 at 2:54 AM, geremy condra <debat...@gmail.com> wrote: >> On Wed, May 18, 2011 at 12:36 AM, Hans Georg Schaathun <h...@schaathun.net> >> wrote: >>> But then, nothing is secure in any absolute sense. >> >> If you're talking security and not philosophy, there is such a thing >> as a secure system. As a developer you should aim for it. > > Agreed. Things can be secure if you accept caveats. A good server > might be secure as long as attackers cannot, say: > * Get physical access to the server, remove the hard disk, and tamper with it > * Hold a gun to the developer and say "Log me in as root or you die" > * Trigger a burst of cosmic rays that toggle some bits in memory
You forgot the most important one: * if none of the software running on it has exploitable issues Personally, I think it's best to understand that no server is ever secure and hence one must always be prepared that a breach can happen. -- John Bokma j3b Blog: http://johnbokma.com/ Perl Consultancy: http://castleamber.com/ Perl for books: http://johnbokma.com/perl/help-in-exchange-for-books.html -- http://mail.python.org/mailman/listinfo/python-list
