On 8/10/07, Decibel! <decibel@decibel.org> wrote:
> As I said before, I don't care what security you come up with, *it can
> be broken*. The point of security measures isn't to make it impossible
> to break the security, it's to make it more difficult than it's worth.
I agree... but this type of security is really only
security-through-obscurity. If the source code is out there (because
it's open source), it's not difficult at all. The code to
encrypt/obfuscate it and decrypt/execute it will all be out there.
Anyone with a couple years of programming experience could strip it
out and create a utility for it in a couple hours. My bet is that it
wouldn't even be a monetary-driven exercise... just some geek doing it
to see if he/she could.
As there's basically no security provided, I just don't see any reason
to spend the effort adding something like this to PostgreSQL.
--
Jonah H. Harris, Software Architect | phone: 732.331.1324
EnterpriseDB Corporation | fax: 732.331.1301
33 Wood Ave S, 3rd Floor | jharris@enterprisedb.com
Iselin, New Jersey 08830 | http://www.enterprisedb.com/
