On Mon, 17 Dec 2007, Merlin Moncure wrote:
> the table is pg_proc. you have to revoke select rights from public
> and the user of interest. be aware this will make it very difficult
> for that user to do certain things in psql and (especially) pgadmin.
> it works.
>
> a better solution to this problem is to make a language wrapper for
> pl/pgsql that encrypts the source on disk. afaik, no one is working on
> th is. it would secure the code from remote users but not necessarily
> from people logged in to the server. the pg_proc hack works ok
> though.
>
Another enhancement that would improve this situation would be to
implement per column permissions as the sql spec has, so that you could
revoke select on just the prosrc column and allow clients to retrieve the
metadata they need.
Kris Jurka
