Message-ID: <200311041121.16181.capegeo@opengroup.org>
From: capegeo at opengroup.org (George Capehart)
Subject: Gates: 'You don't need perfect code' for good security
On Tuesday 04 November 2003 06:03 am, Geoincidents wrote:
> > But IMHO, that *is* the point. If it's on the Internet, it's
> > exposed . . . And if a stored procedure is exposed, then the whole
> > system is exposed . . .
>
> Nonsense, you read too many MS papers <g>. Lots of ISPs run SQL
> servers on the internet for radius authentication, where the database
> and stored procedures are not exposed. Just because MS describes
> something you don't consider safe, you are assuming there isn't a
> safe way to do it?
Heh. We're in violent agreement on this issue. My thrust wasn't that
it is not *possible* to run a database where the database and stored
procedures are not exposed . . . it was that the corporate vice
president, SQL Server Team is saying that Yukon is designed to support
stored procedures being exposed as Web services. Put another way,
they're purposely designing a system so that it can be easily used
in a *very* insecure way, and touting it as a design coup. I have a
hard time reconciling that with the notion that Microsoft has the
slightest clue about system security and secure system design. This is
a shining example of "innovation and enhanced feature/function"
trumping secure system design.
>
> If what you say is true, then all the MS databases where they store
> registration information, windows update information, activation
> information, they must all be exposed so how about posting exploits
> for them so we can get MS to secure our data? Or are those on the net
> yet not exposed?
Don't know. I have never been in a situation where anybody had *any*
database exposed to the Internet. There have always been several
layers of software and firewalls between the Internet and a production
database . . . and there has always been a distinction between "DMZ"
databases and production databases. DMZ databases may keep some state
information, cache, and, maybe even some "local" authentication
information in them. But databases that held production data and which
would have stored procedures that provide business function (or
service), are on the internal network 'way far away from the Internet.
/g