| From: | Hans-Juergen Schoenig <postgres(at)cybertec(dot)at> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Subject: | Re: crypting prosrc in pg_proc |
| Date: | 2007-08-09 14:42:19 |
| Message-ID: | 6F100956-7E00-45A7-B7C1-400FEA834AA0@cybertec.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Aug 9, 2007, at 4:34 PM, Peter Eisentraut wrote:
> Am Donnerstag, 9. August 2007 16:09 schrieb Hans-Juergen Schoenig:
>> the idea is basically to hide codes - many companies want that and
>> ask for it again and again.
>
> If you want to design a security feature, you need to offer a
> threat and risk
> analysis, not just the whining of customers.
>
> --
> Peter Eisentraut
> http://developer.postgresql.org/~petere/
well, the complete analysis is easy - the solution is not.
currently we have basically no option to reduce access to the system
tables. this would be hard anyway as we need those tables for
basically all kinds of operations.
the problem here is that vendors of appliances don't want people to
spider their codes. this is a fact - it is not the idea of open
source to do so but bloody reality. in addition to that people are
not willing to code everything in C just to hide.
so, there has to be a concept to achieve this for stored procedures
somehow.
i am afraid the source level encryption is the easiest thing and most
understandable thing to do.
so, better ideas are welcome.
hans
--
Cybertec Geschwinde & Schönig GmbH
Gröhrmühlgasse 26, 2700 Wiener Neustadt
Tel: +43/1/205 10 35 / 340
www.postgresql.at, www.cybertec.at
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2007-08-09 14:42:49 | Re: crypting prosrc in pg_proc |
| Previous Message | Peter Eisentraut | 2007-08-09 14:34:48 | Re: crypting prosrc in pg_proc |