The more you seek security, the less of it you have.
We've seen how software construction is like building a house (see "DO WE REALLY BUILD SOFTWARE?" on page 177, and Chapter 14). We must learn to secure our programs just like we'd protect a house, locking all doors and windows, employing a sentry, and adding security mechanisms (like a burglar alarm, electronic pass cards, identity badges, etc.). But you must still be constantly vigilant: A door can be left ajar regardless of any fancy lock devices, and a burglar alarm can be left unset.
Our software security strategies apply at different levels:
- The system installation
The exact OS configuration, network infrastructure, and version numbers of all running applications ...