> All of these ideas about isolating requests are totally fine, honestly. If you can afford those sorts of trade-offs in your design, then go hog wild.
I think far fewer people make some of these trade offs than could afford to.
I think there is a more fundamental problem with databases and data in general. A lot of what servers do involves shared data - think of the typical CRUD app where multiple people can read or modify the same data, and that is the valuable data.
> If you're truly serious about security, and you're building something from scratch, start by preventing vulnerabilities as far left in the process as possible; and you can't go further left than having a programming language that can prevent certain bugs entirely by-design.
I think far fewer people make some of these trade offs than could afford to.
I think there is a more fundamental problem with databases and data in general. A lot of what servers do involves shared data - think of the typical CRUD app where multiple people can read or modify the same data, and that is the valuable data.
> If you're truly serious about security, and you're building something from scratch, start by preventing vulnerabilities as far left in the process as possible; and you can't go further left than having a programming language that can prevent certain bugs entirely by-design.
Agreed.