| From: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> | 
|---|---|
| To: | 'Bill Moran' <wmoran(at)collaborativefusion(dot)com> | 
| Cc: | "'pgsql-performance(at)postgresql(dot)org'" <pgsql-performance(at)postgresql(dot)org> | 
| Subject: | Re: viewing source code | 
| Date: | 2007-12-14 15:35:47 | 
| Message-ID: | 1A6E6D554222284AB25ABE3229A927621129EC@nrtexcus702.int.asurion.com | 
| Views: | Whole Thread | Raw Message | Download mbox | Resend email | 
| Thread: | |
| Lists: | pgsql-performance | 
> > In an ideal world, if a user can't modify a function, he/she shouldn't
> be
> > able to see the source code.  If the user can execute the function, then
> the
> > user should be able to see the signature of the function but not the
> body.
> 
> I doubt that's going to happen.  Mainly because I disagree completely
> with your ideal world description (any user who can execute a function
> should have the right to examine it to see what it actually does).
> 
That is like saying anyone that has rights to call a web service should be
able to see the source code for it.  There should be the ability to create
some level of abstraction when appropriate.
However, in the current configuration, all users with permission to log in
can see all source code.  They don't have rights to execute the functions
but they can see the source code for them.  Shouldn't I be able to revoke
both the ability to execute and the ability to see functions?
Jon
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Matthew | 2007-12-14 15:42:33 | Re: Heavy write activity on first vacuum of fresh TOASTa | 
| Previous Message | Bill Moran | 2007-12-14 15:25:26 | Re: viewing source code |