Re: Open Source Quality

From: Jeff Almeida <spud_at_spudzeppelin_dot_com>
Date: Mon May 10 2004 - 10:02:24 CDT

Also Sprach james_in_denver:
>For transactional security, and that seems to be a very high priority
>for this project, then Postgres would be the better choice. MySQL does
>not have any transaction mechanisms. Since the project's back end data
>store is where the actual tabulation of votes takes place, I would
>strongly recommend for a transactional aware database.

This (about MySQL) is old information -- how long ago did you last work
with it? MySQL (currently in the 4.1.x line) has supported
transaction-capable table types and an ability to turn off auto-commit
since early in the 3.23.x releases.

Postgres also has the distinct disadvantage of being a bit of a black box
in that the underlying i/o is not transparent when viewed from the os;
MySQL tables (or tablespaces, if you're using innoDB tables) are physical
files on the system -- you can watch things like modification time, etc.
that aren't readily apparent under postgresql.

FWIW, there are a other systems with similar licenses (SQLite in
particular) that may be better-suited to this particular application
because of their nature -- that's a discussion we can explore in more
detail if you would like. Suffice to say that feature-rich database
systems with a wealth of readily-available administration tools may be
exactly the wrong direction to go from a security perspective. :)


Jeff D. "Spud (Zeppelin)" Almeida
Corinth, TX
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Mon May 31 23:17:29 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:16 CDT