Skip site navigation (1) Skip section navigation (2)

Re: WIP: plpgsql source code obfuscation

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>
Cc: pgsql-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: WIP: plpgsql source code obfuscation
Date: 2008-01-28 14:55:56
Message-ID: 479DECFC.7070502@dunslane.net (view raw or flat)
Thread:
Lists: pgsql-patches

Pavel Stehule wrote:
> Hello
>
> this patch define new function flag - OBFUSCATE. With this flag
> encrypted source code is stored to probin column. Password is stored
> in GUC_SUPERUSER_ONLY item - it is similar security like SQL Server
> does (where privileged users can access system tables with source code
> or can use debugger)
>   
> ToDo: Dump
>   

Maybe a better TODO would be to do this task in the way that has 
previously been suggested:  
http://archives.postgresql.org/pgsql-hackers/2007-08/msg00258.php

I'm certainly not happy about any proposal to put a password/key in a 
GUC var - that strikes me as a major footgun.

cheers

andrew



In response to

Responses

pgsql-patches by date

Next:From: Pavel StehuleDate: 2008-01-28 15:45:15
Subject: Re: WIP: plpgsql source code obfuscation
Previous:From: Pavel StehuleDate: 2008-01-28 14:40:41
Subject: Re: WIP: plpgsql source code obfuscation

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group