On Thu, Aug 09, 2007 at 04:50:53PM +0200, Zdenek Kotala wrote:
> Hans-Juergen Schoenig napsal(a):
> >the idea is basically to hide codes - many companies want that and ask
> >for it again and again.
> >
> >i would suggest keys to reside in $PGDATA. we do this for SSL and so
> >already.
> >
> >initdb could create such keys so that they are unique to every database
> >instance.
> >decrypting could be avoided as much as possible basically we should just
> >decrypt on first all and when it changes.
>
> But, Companies want to hide code also because they distribute their
> software. If you store key somewhere on server, user will be able to
> decrypt the original code.
If folks keep that argument up, we'll never, ever get this useful
feature.
I don't care *what* security you implement (maybe short of quantum
physics), given enough time and motivation, someone can break it. That's
not the point here... the point is just to make it more difficult for
someone to obtain the source code for procedures. Right now, anyone who
can connect to the database can see *everything*.
This is also related to the desire to be able to restrict access to the
catalog tables. Doing so could potentially solve this problem; it also
solves other issues (such as being able to see all the databases that
exist on a server, something that hosting environments care about).
--
Decibel!, aka Jim Nasby decibel@decibel.org
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)