Skip site navigation (1) Skip section navigation (2)

Re: WIP: plpgsql source code obfuscation

From: "Pavel Stehule" <pavel(dot)stehule(at)gmail(dot)com>
To: "Dave Page" <dpage(at)postgresql(dot)org>
Cc: pgsql-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: WIP: plpgsql source code obfuscation
Date: 2008-01-28 14:26:54
Message-ID: 162867790801280626j39c7e66bqe48a713eabb7bcca@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-patches
On 28/01/2008, Dave Page <dpage(at)postgresql(dot)org> wrote:
> On Jan 28, 2008 12:51 PM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> wrote:
> > Hello
> >
> > this patch define new function flag - OBFUSCATE. With this flag
> > encrypted source code is stored to probin column. Password is stored
> > in GUC_SUPERUSER_ONLY item - it is similar security like SQL Server
> > does (where privileged users can access system tables with source code
> > or can use debugger).
> >
> > ToDo: Dump
>
> Without making any comment of whether or not we should actually do
> this, a flag in pg_proc to indicate that the function is obfuscated
> would be handy for apps like pgAdmin, rather than assuming a - in
> prosrc has that meaning (which may be valid for some interpreters).

sure, but do you know, Tom dislikes new columns in pg_proc :). This
patch is usable sample of one possible solution and doesn't need
initdb. And there is dependency on pgcrypto :(. But it is simply and
it does all what is expected. Some customers wonted it. But I am not
sure if similar patch can be accepted - this is prototype. And when
I'll have some signals so patch can be commited I'll send final
version with obfuscate col in pg_proc. Any patch of pg_proc needs two
hours of work, and any change needs actualization - so lot of maybe
useless work.

Pavel


>
> /D
>

In response to

Responses

pgsql-patches by date

Next:From: Dave PageDate: 2008-01-28 14:34:06
Subject: Re: WIP: plpgsql source code obfuscation
Previous:From: Florian G. PflugDate: 2008-01-28 14:23:19
Subject: Re: [8.4] Updated WITH clause patch (non-recursive)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group