On Fri, Dec 21, 2007 at 12:09:28AM -0500, Merlin Moncure wrote:
> Maybe a key management solution isn't required. If, instead of
> strictly wrapping a language with an encryption layer, we provide
> hooks (actors) that have the ability to operate on the function body
> when it arrives and leaves pg_proc, we may sidestep the key problem
> (leaving it to the user) and open up the doors to new functionality at
> the same time.
I like this idea much better, because the same basic mechanism can be used
for more than one thing, and it doesn't build in a system that is
fundamentally weak. Of course, you _can_ build a weak system this way, but
there's an important difference between building a fundamentally weak system
and making weak systems possible.
A