| From: | Robert Treat <xzilla(at)users(dot)sourceforge(dot)net> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: protecting prosrc (was Re: [GENERAL] USAGE on schema allowed by |
| Date: | 2002-12-02 20:45:22 |
| Message-ID: | 1038861922.3720.8.camel@camel |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
NOTE: redirecting to hackers
On Mon, 2002-12-02 at 12:50, Joe Conway wrote:
> Tom Lane wrote:
> > For example, something I've heard repeatedly is that people would like to
> > hide the source code of their SQL or PLxxx functions from users who are
> > nonetheless allowed to call those functions. A row-wise selective view of
> > pg_proc can't fix that. In many cases it's less than clear which rows of
> > which catalogs to hide anyway.
>
> It wouldn't be terribly difficult to encrypt prosrc with 3des (or maybe aes)
> using the owner's passwd from pg_shadow. We would need a new bool column in
> pg_proc (proisencrypted?) and some logic in fmgr.c.
>
> Is there sufficient interest to justify the effort?
>
I think this would be a good idea, though there becomes a question of
what type of performance hit comes into play when doing this. I suppose
if you have an option whether to encrypt it or not that would help. One
other thing is that it needs to be "decryptable" by owners and
superusers.
Robert Treat
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Kings-Lynne | 2002-12-02 20:48:38 | Re: 7.4 Wishlist |
| Previous Message | Terry Yapt | 2002-12-02 20:35:59 | Public Schema. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Kings-Lynne | 2002-12-02 20:48:38 | Re: 7.4 Wishlist |
| Previous Message | Rod Taylor | 2002-12-02 20:36:41 | Re: toast table growing indefinitely? Known |