Re: WIP: plpgsql source code obfuscation

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, pgsql-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: WIP: plpgsql source code obfuscation
Date: 2008-01-28 17:58:48
Message-ID: 4424.1201543128@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> Maybe a better TODO would be to do this task in the way that has
> previously been suggested:
> http://archives.postgresql.org/pgsql-hackers/2007-08/msg00258.php
> I'm certainly not happy about any proposal to put a password/key in a
> GUC var - that strikes me as a major footgun.

We didn't really have a better solution to the key management problem,
though, did we? At least I don't see anything about it in that thread.

However, I definitely agree that a separate loadable PL is the way to go
for functionality of this sort. There is no way that a dependency on
pgcrypto is going to be accepted into core, not even in the (ahem)
obfuscated way that it's presented here.

regards, tom lane

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Pavel Stehule 2008-01-28 18:14:48 Re: WIP: plpgsql source code obfuscation
Previous Message Pavel Stehule 2008-01-28 17:38:04 Re: WIP: plpgsql source code obfuscation