Re: crypting prosrc in pg_proc - Mailing list pgsql-hackers

From Andrew Sullivan
Subject Re: crypting prosrc in pg_proc
Date
Msg-id 20070809152637.GF4287@phlogiston.dyndns.org
Whole thread Raw
In response to Re: crypting prosrc in pg_proc  (Hans-Juergen Schoenig <postgres@cybertec.at>)
List pgsql-hackers
On Thu, Aug 09, 2007 at 05:16:43PM +0200, Hans-Juergen Schoenig wrote:
> we are shipping appliances - users can only use SQL; no compilers and  
> no SSH logins allowed ...

If you have shipped a physical thing to someone else, then they can
do what they want with it irrespective of what "rules" you think you
have imposed.  If you believe otherwise, then you are deluding
yourself about the security of your approach.  It was this sort of
magical thinking that caused SIM cards, WEP keys, DVD copy
protection, and other such "guaranteed safe" technologies to be
revealed as encumbered with needless weight that may foil casual
users, but that are trivially broken by anyone actually interested in
doing the breaking.

A

-- 
Andrew Sullivan  | ajs@crankycanuck.ca
In the future this spectacle of the middle classes shocking the avant-
garde will probably become the textbook definition of Postmodernism.                --Brad Holland


pgsql-hackers by date:

Previous
From: Andrew Sullivan
Date:
Subject: Re: crypting prosrc in pg_proc
Next
From: "Joshua D. Drake"
Date:
Subject: Re: crypting prosrc in pg_proc