Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)

From: "Jonathan Bond-Caron" <jbondc(at)openmv(dot)com>
To: "'Bill Moran'" <wmoran(at)collaborativefusion(dot)com>, "'Tom Lane'" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "'David Fetter'" <david(at)fetter(dot)org>, "'Greg Smith'" <gsmith(at)gregsmith(dot)com>, "'Postgres General List'" <pgsql-general(at)postgresql(dot)org>
Subject: Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)
Date: 2008-09-16 13:39:03
Message-ID: 003201c91801$95eeaa10$c1cbfe30$@com
Lists: pgsql-general pgsql-www

On Tue Sep 16 08:40 AM, Bill Moran wrote:
> In response to Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
>
>> Bill Moran <wmoran(at)collaborativefusion(dot)com> writes:
>>> What I'm _asking_ is why would extending SECURITY DEFINER to include
>>> preventing unauthorized users from viewing code _not_ be a valid
>>> method of securing the code.
>>
>> Because it's so full of obvious loopholes. Yes, it might slow down
>> someone who didn't have superuser access to the database or root
>> access to the machine it's on; but that doesn't count as secure
>> really. The problem is that the people who ask for this type of
>> feature are usually imagining that they can put their code on
>> customer-controlled machines and it will be safe from the customer's
>> eyes. Well, it isn't, and I don't think Postgres should encourage
>> them to think it is.
>
> Shame that. I can imagine it being a useful feature in certain
> situations (such as a hosted environment), although I understand the
> concern.
>
> Code obfuscation is the norm, though. The world at large still seems
> to believe that compiling code make it secret, despite the fact that
> crooks have demonstrated again and again that they're more than
> willing to read through opcodes, and the fact that there are
> decompilers available for just about every major compiled format.
>

I agree here. I hope there's a consensus that it does offer some level of
protection.

After some research, I found this article that I believe will make a
stronger use case:
http://www.iosn.net/network/news/Managing%20the%20insider%20threat%20through%20code%20obfuscation

Whether or not it belongs in PG I don't really have an opinion.
