| From: | "Pavel Stehule" <pavel(dot)stehule(at)gmail(dot)com> |
|---|---|
| To: | "Peter Eisentraut" <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: WIP: plpgsql source code obfuscation |
| Date: | 2008-01-29 14:52:46 |
| Message-ID: | 162867790801290652n4129c59bg3c13e68363c8b2e5@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
On 29/01/2008, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
> Am Montag, 28. Januar 2008 schrieb Pavel Stehule:
> > this patch define new function flag - OBFUSCATE. With this flag
> > encrypted source code is stored to probin column. Password is stored
> > in GUC_SUPERUSER_ONLY item - it is similar security like SQL Server
> > does (where privileged users can access system tables with source code
> > or can use debugger).
>
> Have you thought about a solution that applies the regular access privileges
> to pg_proc in order to hide some content from less privileged users?
it's second way, and maybe better. It can close way to table
definitions too (and this request is adequate too). But you cannot to
hide complete column, visibility depend on content and it can be slow,
complex :(. Encrypt, decrypt aren't fast too.
Pavel
>
> --
> Peter Eisentraut
> http://developer.postgresql.org/~petere/
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2008-01-29 15:07:38 | NUMERIC key word |
| Previous Message | Andrew Dunstan | 2008-01-29 14:33:30 | Re: WIP: plpgsql source code obfuscation |