| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, pgsql-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: WIP: plpgsql source code obfuscation |
| Date: | 2008-01-28 21:04:38 |
| Message-ID: | 7112.1201554278@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> Tom Lane wrote:
>> However, I definitely agree that a separate loadable PL is the way to go
>> for functionality of this sort. There is no way that a dependency on
>> pgcrypto is going to be accepted into core, not even in the (ahem)
>> obfuscated way that it's presented here.
> If we do anything in core it could be to make provision for an
> obfuscation/encryption hook via a loadable module.
My recollection is that certain cryptography laws make hooks for crypto
just as problematic as actual crypto code. We'd have to tread very
carefully --- "general purpose" hooks are OK but anything narrowly
tailored to encryption purposes would be a hazard. This is one reason
that I'd prefer to see it as an external PL rather than embedded in core.
> Various interesting encoding issues could arise with dumping and
> restoring transformed program text - I haven't thought that through yet.
I think we have already solved that with md5 passwords, and could easily
reuse the same kind of approach. You just base64 encode the crypted
text (or whatever you need to do to avoid funny characters in it), and
make sure that there's some way to distinguish already-crypted from
not-already-crypted function bodies.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Fetter | 2008-01-28 21:19:46 | Re: Auto-explain patch |
| Previous Message | Tom Lane | 2008-01-28 20:56:21 | Re: WIP: plpgsql source code obfuscation |