Thread: Sugestion for PostgreSQL Developer´s TEAM!

Sugestion for PostgreSQL Developer´s TEAM!

From

"Marcio"

Date:

03 November 2006, 12:11:21

I have a sugestion for pgsql 8.2 or next versions ...
Is complicated encrypt the procedures/functions on Database like Oracle or
similar?
I sugest this because we develop ERP/MRP with complex routines and we like
hide all of this routines...this is our "business secret".
I know if we write this code in C, for example....is possible to hide. But,
we prefer pl/pgsql native.
Thank´s,

Marcio
Delphi7+postgresql 8.x

Re: Sugestion for PostgreSQL Developer´s TEAM!

From

Peter Eisentraut

Date:

03 November 2006, 13:26:41

Marcio wrote:
> Is complicated encrypt the procedures/functions on Database like
> Oracle or similar?

In order to execute the code you will have to be able to read it, so
there will be no security gained by encryption.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

Re: Sugestion for PostgreSQL Developer´s

From

Jorge Godoy

Date:

03 November 2006, 15:52:14

"Marcio" <marcio@oracullos.com.br> writes:

> I have a sugestion for pgsql 8.2 or next versions ...
> Is complicated encrypt the procedures/functions on Database like Oracle or
> similar?
> I sugest this because we develop ERP/MRP with complex routines and we like
> hide all of this routines...this is our "business secret".
> I know if we write this code in C, for example....is possible to hide. But,
> we prefer pl/pgsql native.
> Thank´s,
>
> Marcio
> Delphi7+postgresql 8.x

>From my understanding the problem is that Oracle supports just "one" language
while PostgreSQL has an extensible system.

Some of the supported languages doesn't support a compiled version of their
code (or the interpreter that will run the code needs access to it).

You don't need to have the routines embedded in the database if it is so
important.  You can use untrusted languages and save the compiled versions
outside of it (Java and Python can run from "compiled" code outside of the
database).  All you need is to create a function that will "import" those
external modules and use them for the calculations / logic.

--
Jorge Godoy      <jgodoy@gmail.com>

Re: Sugestion for PostgreSQ

From

Bruno Wolff III

Date:

08 November 2006, 00:16:12

On Fri, Nov 03, 2006 at 09:50:01 -0200,
  Marcio <marcio@oracullos.com.br> wrote:
> I have a sugestion for pgsql 8.2 or next versions ...
> Is complicated encrypt the procedures/functions on Database like Oracle or
> similar?
> I sugest this because we develop ERP/MRP with complex routines and we like
> hide all of this routines...this is our "business secret".
> I know if we write this code in C, for example....is possible to hide. But,
> we prefer pl/pgsql native.
> Thank´s,

One solution is to run the database and the application that connects to
it on a machine your business controls and only allow customers to connect
to the application (and not directly to the database).

Another is to have a contract that limits what your customers can do with
the information gained from seeing your propietary code.