Database migration

Andrew Reid andrew.reid at plug.cx
Tue Dec 3 13:04:22 CST 2002


On Tue, Dec 03, 2002 at 08:51:15AM +1030, David Lloyd wrote:

> > OK. Dare I even suggest (seeing as we are, for all intents and
> > purposes, a Microsoft shop, at the moment) that SQL Server is even
> > worth thinking about? I've never worked with it in a development
> > sense, but I can imagine that it will be raised as an option at some
> > stage in the future.
> 
> Raised as an *option*? More like chosen by management after some
> champagne imbuing "Microsoft is wonderful" seminar.

My management aren't quite that bad; they refuse to attend such
seminars (held by any company) and leave it to us. That said, they're
bound to (and I'm definitely obliged to) look at SQL Server as an
option when it comes to choosing an enterprise-class database server. 

I don't like it, but at the end of the day, it's a business decision
too, and if SQL Server can prove itself as stable, reasonably
efficient and financially viable, who knows, we just may go for it.

That's not to say that we will, or that I want to, but I think it
illustrates the fact that I can't just throw it out the window because
I have a violent hate of Microsoft.

I've never developed anything with a SQL server backend and my
experience with SQL Server-based applications is fairly rudimentary,
so I really need to evaluate it before passing judgement (although the
number of SQL Server security advisories that I receive gives a hint
or two).

> > ... not that I'm particularly keen to use it (the number of security
> > advisories directly relating to SQL Server in the last few weeks is
> > quite frightening), but it'll have to be a consideration.
> 
> You're turning Microsoft's arguments on its head now. They accuse Linux
> of having more security advisories than Microsoft products, and conclude
> that Linux is less secure.
> 
> How about we rephrase that to "The number of SERIOUS security flaws..."?

Security advisories generally *do* point to security flaws;
vulnerabilities in the software package. Again, I can't comment with
any authority on the design of SQL Server, but it may well be a
security risk by design. I'd expect it to be. Again, David, it has to
be looked at. There are features in SQL Server that I'm yet to see
arrive in the Open Source world.

> > Still thinking about that. Perhaps, as was suggested to me by Dan
> > Shearer, the backend can produce data in XML format to be rendered by
> > whatever application we so choose, whether it be a Windows-native
> > client, a web-based client, or something made out of toothpicks and
> > creamcheese.
> 
> Or you could use ODBC or JDBC...

Producing XML gives us the ability to feed it into just about anything
as well as making future expansion a bit easier. Using ODBC or JDBC
would require the user interface to have a bit more brains to it,
which I'd not really want to have happen.

   - andrew

-- 
| Andrew Reid [mailto:andrew.reid at plug.cx]
| Overworked and Underpaid Network Monkey
| C: +61-401-946-813  F: +61-8-8379-1093
| Finger andrew at keetoo.alfred.cx for PGP Public Key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
Url : http://www.linuxsa.org.au/pipermail/linuxsa/attachments/20021203/d87f46d6/attachment.bin


More information about the linuxsa mailing list