Re: Securing stored procedures and triggers - Mailing list pgsql-general

---

From: Reg Me Please [mailto:regmeplease@gmail.com]
To: pgsql-general@postgresql.org
Sent: Wed, 31 Oct 2007 14:26:51 -0400
Subject: Re: [GENERAL] Securing stored procedures and triggers

There's not bulletproof way, in my opinion.

If they copy the whole DB structure *and* the object binaries they'll
have the very same functionalities!

Il Wednesday 31 October 2007 16:13:23 Douglas McNaught ha scritto:
> mgould <mgould@allcoast.net> writes:
> > We are currently migrating from Sybase's ASA 9/10 to PostGres 8.2.4.
> > One of the features that is really nice in ASA is the ability to add
> > the attribute hidden to a Create procedure, Create function and
> > Create trigger. Essentially what this does is encrypt the code so
> > that if anyone or any utility gets into the database they cannot see
> > any of the actual code. This is a great feature for protecting
> > intellectual processing techniques. I don't know if there is anyway
> > to do this in PostGres. Before the hidden feature was added, we had
> > a competitor steal some of our stored procedure processing code. Is
> > there anyway to protect this from happening in PostGres?
>
> The only bulletproof way to do this currently is to write all your
> stored functions in C and load them as a shared library.
>
> -Doug
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly

--
Reg me Please

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster