I would like to believe there’s lots of good info here, but I found it really hard to digest.
Starting with the first example, am I right that they’re creating a write only user? How many websites use that? For example, how would lobsters work with a write only user? You wouldn’t be able to read any stories, right?
Is there no better password hash available than MD5? (How weird is it that they recommend running a windows binary using wine?)
I almost can’t believe they’d even mention ident auth. No, just no.
The section on encryption isn’t half bad, but generally could be summarized and shortened to “if people are sniffing your database traffic, you’re fucked.” Database links are a good candidate for physical isolation.
I would like to believe there’s lots of good info here, but I found it really hard to digest.
Starting with the first example, am I right that they’re creating a write only user? How many websites use that? For example, how would lobsters work with a write only user? You wouldn’t be able to read any stories, right?
Is there no better password hash available than MD5? (How weird is it that they recommend running a windows binary using wine?)
I almost can’t believe they’d even mention ident auth. No, just no.
The section on encryption isn’t half bad, but generally could be summarized and shortened to “if people are sniffing your database traffic, you’re fucked.” Database links are a good candidate for physical isolation.