| From: | Bill Moran <wmoran(at)collaborativefusion(dot)com> |
|---|---|
| To: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> |
| Cc: | "'pgsql-performance(at)postgresql(dot)org'" <pgsql-performance(at)postgresql(dot)org> |
| Subject: | Re: viewing source code |
| Date: | 2007-12-14 15:25:26 |
| Message-ID: | 20071214102526.2bc08bc4.wmoran@collaborativefusion.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-performance |
In response to "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>:
> Is it possible yet in PostgreSQL to hide the source code of functions from
> users based on role membership? I would like to avoid converting the code
> to C to secure the source code and I don't want it obfuscated either.
>
> In an ideal world, if a user can't modify a function, he/she shouldn't be
> able to see the source code. If the user can execute the function, then the
> user should be able to see the signature of the function but not the body.
I doubt that's going to happen. Mainly because I disagree completely
with your ideal world description (any user who can execute a function
should have the right to examine it to see what it actually does).
I suspect that others would agree with me, the result being that there's
no universally-agreed-on approach. As a result, what _really_ needs to
be done is an extra permission bit added to functions so administrators
can control who can view the function body.
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmoran(at)collaborativefusion(dot)com
Phone: 412-422-3463x4023
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Roberts, Jon | 2007-12-14 15:35:47 | Re: viewing source code |
| Previous Message | Kevin Grittner | 2007-12-14 15:19:11 | Re: Heavy write activity on first vacuum of fresh TOAST data |