| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
| Cc: | pgsql-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: WIP: plpgsql source code obfuscation |
| Date: | 2008-01-28 14:55:56 |
| Message-ID: | 479DECFC.7070502@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Pavel Stehule wrote:
> Hello
>
> this patch define new function flag - OBFUSCATE. With this flag
> encrypted source code is stored to probin column. Password is stored
> in GUC_SUPERUSER_ONLY item - it is similar security like SQL Server
> does (where privileged users can access system tables with source code
> or can use debugger)
>
> ToDo: Dump
>
Maybe a better TODO would be to do this task in the way that has
previously been suggested:
http://archives.postgresql.org/pgsql-hackers/2007-08/msg00258.php
I'm certainly not happy about any proposal to put a password/key in a
GUC var - that strikes me as a major footgun.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2008-01-28 15:45:15 | Re: WIP: plpgsql source code obfuscation |
| Previous Message | Pavel Stehule | 2008-01-28 14:40:41 | Re: WIP: plpgsql source code obfuscation |