Skip site navigation (1) Skip section navigation (2)

Re: viewing source code

From: "Merlin Moncure" <mmoncure(at)gmail(dot)com>
To: "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>
Cc: "Alvaro Herrera" <alvherre(at)commandprompt(dot)com>, "Trevor Talbot" <quension(at)gmail(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, "Kris Jurka" <books(at)ejurka(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, "Bill Moran" <wmoran(at)collaborativefusion(dot)com>, pgsql-performance(at)postgresql(dot)org
Subject: Re: viewing source code
Date: 2007-12-20 14:30:07
Message-ID: b42b73150712200630k5b53ded7o45bbd86798906174@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-performance
On Dec 20, 2007 9:07 AM, Roberts, Jon <Jon(dot)Roberts(at)asurion(dot)com> wrote:
> So your suggestion is first to come up with a query that dynamically checks
> permissions and create a view for it.  Secondly, change pgAdmin to reference
> this view in place of pg_proc.  Actually, it should be extended to all

This solution will not work.  It requires cooperation from pgAdmin
which is not going to happen and does nothing about psql or direct
queries from within pgadmin.  Considered from a security/obfuscation
perspective,  its completely ineffective.  As I've said many times,
there are only two solutions to this problem:

1. disable permissions to pg_proc and deal with the side effects
(mainly, pgadmin being broken).

2. wrap procedure languages in encrypted handler (pl/pgsql_s) so that
the procedure code is encrypted in pg_proc.  this is an ideal
solution, but the most work.

merlin

In response to

pgsql-performance by date

Next:From: Anton MelserDate: 2007-12-20 16:23:36
Subject: Re: Reinitialising stats once only without restarting
Previous:From: Roberts, JonDate: 2007-12-20 14:07:56
Subject: Re: viewing source code

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group