From: | "Jonathan Bond-Caron" <jbondc(at)openmv(dot)com> |
---|---|
To: | "'Bill Moran'" <wmoran(at)collaborativefusion(dot)com>, "'Tom Lane'" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "'David Fetter'" <david(at)fetter(dot)org>, "'Greg Smith'" <gsmith(at)gregsmith(dot)com>, "'Postgres General List'" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |
Date: | 2008-09-16 13:39:03 |
Message-ID: | 003201c91801$95eeaa10$c1cbfe30$@com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-www |
On Tue Sep 16 08:40 AM, Bill Moran wrote:
> In response to Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
>
>> Bill Moran <wmoran(at)collaborativefusion(dot)com> writes:
>>> What I'm _asking_ is why would extending SECURITY DEFINER to include
>>> preventing unauthorized users from viewing code _not_ be a valid
>>> method of securing the code.
>>
>> Because it's so full of obvious loopholes. Yes, it might slow down
>> someone who didn't have superuser access to the database or root
>> access to the machine it's on; but that doesn't count as secure
>> really. The problem is that the people who ask for this type of
>> feature are usually imagining that they can put their code on
>> customer-controlled machines and it will be safe from the customer's
>> eyes. Well, it isn't, and I don't think Postgres should encourage
> them to think it is.
>
> Shame that. I can imagine it being a useful feature in certain
> situations (such as a hosted environment), although I understand the
> concern.
>
> Code obfuscation is the norm, though. The world at large still seems
> to believe that compiling code make it secret, despite the fact that
> crooks have demonstrated again and again that they're more than
> willing to read through opcodes, and the fact that there are
> decompilers available for just about every major compiled format.
>
I agree here. I hope there's a consensus that it does offer some level of
protection.
After some research, I found this article that I believe will make a
stronger use case:
http://www.iosn.net/network/news/Managing%20the%20insider%20threat%20through
%20code%20obfuscation
Whether or not it belongs in PG I don't really have an opinion.
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2008-09-16 13:51:29 | Re: DbLink Compilation on Solaris 10 |
Previous Message | Gregory Williamson | 2008-09-16 13:38:35 | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |
From | Date | Subject | |
---|---|---|---|
Next Message | Glyn Astill | 2008-09-16 13:55:16 | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |
Previous Message | Gregory Williamson | 2008-09-16 13:38:35 | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |