[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] GNUmed v 0.1 questions
|
From: |
Tim Churches |
|
Subject: |
Re: [Gnumed-devel] GNUmed v 0.1 questions |
|
Date: |
Sat, 24 Dec 2005 12:34:18 +1100 |
|
User-agent: |
Mozilla Thunderbird 1.0 (Windows/20041206) |
Karsten Hilbert wrote:
> On Sat, Dec 24, 2005 at 10:39:57AM +1100, Tim Churches wrote:
>
>
>>By "non-working" I think that Jim may mean "demo" or "test" as opposed
>>to "production" i.e. a database where people can store their own data,
>>safely. The point is that people may mistakenly think that, having
>>installed GNUmed v0.1 or booted teh CD, they are OK to strt entering
>>real patient data.
>
> Hopefully he means that.
>
>
>>Remember that almost no-one reads README files or
>>other instructions, until it is too late.
>
> Do you think it'd be useful to add "banner" support to our
> database ? Eg when people connect to a given database
> there's a banner available in a certain table the content of
> which is to be displayed by the client such that people can
> be warned or notified about some things ? If that table were
> empty no message would be displayed which would be the
> no-hassle case for production sites ?
The potential problem is a malicious back-end mimicking a trusted
back-end. Your solution doesn't help there. A PKI-based system to verify
the identity of the back-end server would be one solution, but the
social engineering required is complex. No-one else worries about this,
and I'd suggest that GNUmed doesn't, at least not until version 1.1 -
for now, your banner idea sound good.
Tim C