| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Protecting stored procedures |
| Date: | 2011-04-07 17:16:46 |
| Message-ID: | 1302196606.23164.37.camel@jd-desktop |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, 2011-04-07 at 12:45 -0400, Andrew Sullivan wrote:
> On Thu, Apr 07, 2011 at 09:31:20AM -0500, Michael Gould wrote:
> > We wouldn't make any of the system users a superuser in Postgres and in my
> > 20+ years experience in the industry we provide software for, the
> > possibility of having any users of the system that are able to hack or even
> > understand what they have if they were able to is slim.
>
> So you aren't afraid your users are going to take this code, but you
> want to put (relatively meaningless) protection in place anyway?
>
> I guess maybe the security definer functions might help you.
As someone mentioned previously, there is also pl/secure. It certainly
isn't perfect but it will deal with the low hanging fruit.
Sincerely,
Joshua D. Drake
--
PostgreSQL.org Major Contributor
Command Prompt, Inc: http://www.commandprompt.com/ - 509.416.6579
Consulting, Training, Support, Custom Development, Engineering
http://twitter.com/cmdpromptinc | http://identi.ca/commandprompt
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Marlowe | 2011-04-07 17:45:39 | Re: Protecting stored procedures |
| Previous Message | Andrew Sullivan | 2011-04-07 16:45:05 | Re: Protecting stored procedures |