[dkjaudyeqooe]

> I think where things can really go wrong is when the DB accepts anything the application layer thinks is valid.

No, my view is the opposite of that: the database doesn't allow anything invalid to enter the database.

[bvirb]

Hmm well if I understand you correctly that's what I was saying as well:

Things go wrong when the DB trusts the application layer (rather than doing its own validation) -- e.g. the DB should control what is valid data, not the application layer.