Home > mailing lists

Re: function body actors (was: [PERFORM] viewing source code) - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: function body actors (was: [PERFORM] viewing source code)
Date	December 21, 2007 20:19:58
Msg-id	12277.1198271991@sss.pgh.pa.us Whole thread Raw
In response to	Re: function body actors (was: [PERFORM] viewing source code) (Andrew Sullivan <ajs@crankycanuck.ca>)
Responses	Re: function body actors (was: [PERFORM] viewing source code)
List	pgsql-hackers

Tree view

Andrew Sullivan <ajs@crankycanuck.ca> writes:
> Hmm; this may be exactly part of the problem, though.  It seems there are
> two possible cases in play:

> 1.    Protect the content in the database (in this case, function bodies)
> from _all_ users on a given server.  This is a case where you want to
> protect (say) your function body from your users, because you have a
> closed-source application.  

> 2.    Protect the content of a field from _some_ users on a given system,
> based on the permissions they hold.  This is roughly analagous to others not
> being able to look in the table I created, because I haven't GRANTed them
> permission.

I would argue that (2) is reasonably well served today by setting up
separate databases for separate users.  The people who are complaining
seem to want to send out a set of functions into a hostile environment,
which is surely case (1).
        regards, tom lane

pgsql-hackers by date:

From: Bruce Momjian
Date: 21 December 2007, 20:06:24
Subject: Re: pgindent issue with EXEC_BACKEND-only typedefs

From: Andrew Sullivan
Date: 21 December 2007, 20:47:55
Subject: Re: function body actors (was: [PERFORM] viewing source code)

Re: function body actors (was: [PERFORM] viewing source code) - Mailing list pgsql-hackers

Previous

Next