On Dec 20, 2007 5:28 PM, Alvaro Herrera <alvherre@commandprompt.com> wrote:
> > I don't really agree that wrapping pl/pgsql with encryptor/decryptor
> > is a bad idea.
>
> Right. But do you agree that it is separate from having hidden prosrc?
> If we can complete a design then let's shot that way, and aim at
> encryption sometime in the future :-)
>
> I have to note that I would probably not be the one to actually produce
> a patch in this direction, or even to work on a working, detailed design
> :-) You just read Joshua's opinion on this issue and I don't think I
> need to say more :-)
it is separate. doing it hiding prosrc way requires, as i see it a)
row/col security, or b) view switcheroo
row/col security is great but views (IMO) are a better approach to
this generally. archives is of course replete with numerous generally
fruitless treatments of both topics.
view switcheroo is more of a 'do the ends justify the means' debate.
this could turn into a big discussion about what else could be done
with the system catalogs.
since its not really all that difficult to disable access to pg_proc,
and there are relatively few side effects outside of hosing pgadmin, i
don't think the ends do justify the means at least in terms of
internal server changes. If the necessary features get added in for
other reasons, then perhaps...
wrapping language handlers is interesting from other angles too. many
times I've wanted to do preprocessing on functions without sacrificing
ability of pasting from psql.
merlin
