| From: | "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com> |
|---|---|
| To: | Decibel! <decibel(at)decibel(dot)org> |
| Cc: | "Steve Atkins" <steve(at)blighty(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: crypting prosrc in pg_proc |
| Date: | 2007-08-10 19:55:15 |
| Message-ID: | 36e682920708101255q19f89fb4wec5232a341781a26@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 8/10/07, Decibel! <decibel(at)decibel(dot)org> wrote:
> As I said before, I don't care what security you come up with, *it can
> be broken*. The point of security measures isn't to make it impossible
> to break the security, it's to make it more difficult than it's worth.
I agree... but this type of security is really only
security-through-obscurity. If the source code is out there (because
it's open source), it's not difficult at all. The code to
encrypt/obfuscate it and decrypt/execute it will all be out there.
Anyone with a couple years of programming experience could strip it
out and create a utility for it in a couple hours. My bet is that it
wouldn't even be a monetary-driven exercise... just some geek doing it
to see if he/she could.
As there's basically no security provided, I just don't see any reason
to spend the effort adding something like this to PostgreSQL.
--
Jonah H. Harris, Software Architect | phone: 732.331.1324
EnterpriseDB Corporation | fax: 732.331.1301
33 Wood Ave S, 3rd Floor | jharris(at)enterprisedb(dot)com
Iselin, New Jersey 08830 | http://www.enterprisedb.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2007-08-10 19:59:39 | Re: Unexpected VACUUM FULL failure |
| Previous Message | Decibel! | 2007-08-10 19:30:12 | Re: crypting prosrc in pg_proc |