Skip site navigation (1) Skip section navigation (2)

Re: function body actors (was: [PERFORM] viewing source code)

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Merlin Moncure" <mmoncure(at)gmail(dot)com>
Cc: "Andrew Sullivan" <ajs(at)crankycanuck(dot)ca>, "Pgsql Hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: function body actors (was: [PERFORM] viewing source code)
Date: 2007-12-21 18:57:44
Message-ID: 10257.1198263464@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-performance
"Merlin Moncure" <mmoncure(at)gmail(dot)com> writes:
> ISTM the main issue is how exactly the authenticated user interacts
> with the actor to give it the information it needs to get the real
> key.  This is significant because we don't want to be boxed into an
> actor implementation that doesn't allow that interaction.

We don't?  What purpose would such a setup serve?  I would think
that for the applications we have in mind, the *last* thing you
want is for the end user to hold the key.  The whole point of this
is to keep him from seeing the function source code, remember?

Andrew's suggestion of an outside-the-database key server is
apropos, but I think it would end up being a situation where
the key server is under the control of whoever wrote the function
and wants to guard it against the end user.  The key server would
want some kind of authentication token but I think that could
perfectly well be an ID for the database server, not the individual
end user.  There's no need for anything as awkward as an interactive
sign-on, AFAICS.

			regards, tom lane

In response to

Responses

pgsql-performance by date

Next:From: Trevor TalbotDate: 2007-12-21 19:02:43
Subject: Re: viewing source code
Previous:From: Merlin MoncureDate: 2007-12-21 17:48:51
Subject: Re: function body actors (was: [PERFORM] viewing source code)

pgsql-hackers by date

Next:From: Tom LaneDate: 2007-12-21 18:59:21
Subject: Re: Postgres.bki
Previous:From: Pedro BelminoDate: 2007-12-21 18:09:06
Subject: Postgres.bki

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group