Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bill Moran <wmoran(at)collaborativefusion(dot)com>
Cc: David Fetter <david(at)fetter(dot)org>, Greg Smith <gsmith(at)gregsmith(dot)com>, Jonathan Bond-Caron <jbondc(at)openmv(dot)com>, "'Postgres General List'" <pgsql-general(at)postgresql(dot)org>
Subject: Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)
Date: 2008-09-16 02:19:20
Message-ID: 16972.1221531560@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-www

Bill Moran <wmoran(at)collaborativefusion(dot)com> writes:
> What I'm _asking_ is why would extending SECURITY DEFINER to include
> preventing unauthorized users from viewing code _not_ be a valid method
> of securing the code.

Because it's so full of obvious loopholes. Yes, it might slow down
someone who didn't have superuser access to the database or root access
to the machine it's on; but that doesn't count as secure really. The
problem is that the people who ask for this type of feature are usually
imagining that they can put their code on customer-controlled machines
and it will be safe from the customer's eyes. Well, it isn't, and
I don't think Postgres should encourage them to think it is.

regards, tom lane

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Gauthier, Dave 2008-09-16 02:28:06 left outer join on 3 tables ?
Previous Message Bill Moran 2008-09-16 02:11:36 Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)

Browse pgsql-www by date

  From Date Subject
Next Message Guido Barosio 2008-09-16 04:19:52 Fwd: 8FA9-8F0A-2C0E : REMINDER from pgsql-general
Previous Message Bill Moran 2008-09-16 02:11:36 Re: Obfuscated stored procedures (was Re: Oracle and Postgresql)