> On 2 Dec 2022, at 14:00, Pasi Oja-Nisula <pon@iki.fi> wrote:
>
> On Fri, 2 Dec 2022 at 02:24, raf <raf@raf.org> wrote:
>> Same here. Accessing the loaded stored procedure source
>> is how I audit the state of stored procedures in the
>> database against the code in the code repository.
>
> Exactly. If our software is audited, how can I reliably prove to auditor
> that the running version of the procedure has not been tampered with
> either by customer, rogue developer or some malicious party?
How do you today prove that for other compiled programs in your system?
--
Daniel Gustafsson https://vmware.com/