On Aug 9, 2007, at 4:47 PM, korry.douglas wrote:
the idea is basically to hide codes - many companies want that and ask for it again and again.
Hide code from who (or is that whom?)?
the code should be hidden from the guy who is actually executing the function.
so:
some user is doing: select func();
the backend loads the keys from PGDATA, decrypts the codes executes them. as a normal user cannot look "into" the backend the code is safe.
the keys are only visible to the sysadmis but not at SQL level.
The PL compiler(s) will need to decrypt the code.
no, the backend will pass the decrypted codes to the call handler.
there is no need for Perl, Python or so to be aware of this issue.
If a compiler can decrypt it, then anyone can decrypt it (because the compilers are open-source).
And the problem is that any user that can run a function must be able to compile that function, and therefore, any user that can run a function must have the decryption key for that function. So, I'm not sure you've secured the source code from any user that can run the function.
why that? the backend is doing the job. the user does not pass the keys. it is a database internal thing. the only idea is to make sure that pg_proc does not contain user readable code.
Of course, if your goal is to hide the code from someone snooping through the pg_proc relation (on disk), then encryption will certainly help (provided the key is properly protected).
no, somebody who has access to the filesystem is not relevant.
just think of shipping some database inside some router or inside some other stuff. the vendor just wants to make sure that other people don't fully understand the "magic" going on.
hans
