Re: protecting prosrc (was Re: [GENERAL] USAGE on schema allowed by - Mailing list pgsql-hackers

From Robert Treat
Subject Re: protecting prosrc (was Re: [GENERAL] USAGE on schema allowed by
Date
Msg-id 1038861922.3720.8.camel@camel
Whole thread Raw
Responses Re: protecting prosrc (was Re: [GENERAL] USAGE on schema
List pgsql-hackers
NOTE: redirecting to hackers

On Mon, 2002-12-02 at 12:50, Joe Conway wrote:
> Tom Lane wrote:
> > For example, something I've heard repeatedly is that people would like to
> > hide the source code of their SQL or PLxxx functions from users who are
> > nonetheless allowed to call those functions.  A row-wise selective view of
> > pg_proc can't fix that.  In many cases it's less than clear which rows of
> > which catalogs to hide anyway.
> 
> It wouldn't be terribly difficult to encrypt prosrc with 3des (or maybe aes) 
> using the owner's passwd from pg_shadow. We would need a new bool column in 
> pg_proc (proisencrypted?) and some logic in fmgr.c.
> 
> Is there sufficient interest to justify the effort?
> 

I think this would be a good idea, though there becomes a question of
what type of performance hit comes into play when doing this. I suppose
if you have an option whether to encrypt it or not that would help.  One
other thing is that it needs to be "decryptable" by owners and
superusers. 

Robert Treat



pgsql-hackers by date:

Previous
From: Rod Taylor
Date:
Subject: Re: toast table growing indefinitely? Known
Next
From: "Christopher Kings-Lynne"
Date:
Subject: Re: 7.4 Wishlist