The PostgreSQL people over at about oh-say 7.1 had a problem. Their
backup tool could produce _bad_ backup files. The program would
complete, exit 0 and everything, but the backup file couldn't be
loaded.
A few hours with awk and sed, it was all straightened out, but it
would
seem that I ran for about 6-7 months without a good backup.
Now, _I_ didn't check my backups except once-maybe twice- after I
set up
the cron job in the beginning (a few years ago, I suppose). Somewhere
along the line, the database got some data that the backup tool
couldn't
deal with.
Does your backup system protect against this failure?
As every good administrator, don't change a working system unless you
have to, and
regularly check if things are still ok. Administrating is not a job
of only creating new applications, improving application or spending
your bosses money, it is a job of keeping and maintaining service.
One day, I took over for a customer who's previous admins had thought
rsync was a good way to backup their mysql database. One day they came
in and all the databases were empty. Can you guess why?
Does your backup system protect against this failure?
*My* backups do, as I mentioned.
A friend of mine thought they no longer needed tar or mysqldump to
take
backups, but instead set up MySQL to do that fancy new replication
thing, and one day accidentally sent a misplaced DELETE instruction.
Does your backup system protect against this failure?
Although it is everyones choice to use a database, but i seriously
recommend against MySQL,
it's faundation is not based on data integrity and security. Making
it a good base for an select-only driven website, but not for things
as important as email..
No, apparently, it doesn't go without saying:
Go back and look at the parent- this was about security problems, and
not about breaches.
I know, but your former comment wasn't so I responded to that.
The administrator that you're talking about obviously equates security
with lack-of-breaches. That's not what we're talking about.
How do you mean this, please explain.
We're talking about security as in the kind that the rest of the world
uses- as in demonstrating risk, privilege possibility, attack vectors,
and knowledge of how DBMail interacts with the system, the users, and
the environment.
All nice words, but they all mean the same.
I'd like to recommend that we _not_ avoid the issue. Not because _I_
need DBMail to be secure- as I said, I'm already fine- it's the
rest of
you I'm worried about: The ones that think security breaches are what
you've got to worry about.
Sometimes it seems you think you're the best administrator, and the
rest is just a bunch of kids.
That isn't always a nice way to interact with people, people tend to
stop considering your answers.
There are as many viewpoints to subjects as there are people,
although for some people the viewpoints differ less, so they can join
to create mighty projects, as is with MySQL/ PostgreSQL,
and as have Paul and Aaron.
--
Internet Connection High Quality Web Hosting
http://www.internetconnection.net/
I really dislike adds send to an opensource mailinglist!
