Re: crypting prosrc in pg_proc

On Fri, Aug 10, 2007 at 12:11:01PM -0700, Steve Atkins wrote:
> >If someone just went and did "select * from pg_proc" they could
> >claim they
> >weren't violating their EULA or any protection you had put in
> >place. If they
> >went through the trouble having to de-obfuscate it then you would
> >have a
> >strong DMCA claim in the US.
>
> If doing so would violate their contract with you then it'll violate
> their contract (and make them liable for large amounts of liquidated
> damages) whether they violate the DMCA or not.

And what if someone just happens to run \df+ because he doesn't know any
better?

> If the code in question isn't important enough to your business that
> you have a signed contract with those using it, then it's not really
> that important.

Yes, but I'm betting (IANAL) that if you make your trade secrets "easily
accessible" that suddenly your standing in a court of law just got a lot
weaker.

This is a debate I've dealt with in the past, working for a company that
does wide-area distributed computing. People don't want their data
spread all over creation in clear-text, even though it's entirely
possible for someone to connect to a running client with a debugger and
get a memory dump.

As I said before, I don't care what security you come up with, *it can
be broken*. The point of security measures isn't to make it impossible
to break the security, it's to make it more difficult than it's worth.
--
Decibel!, aka Jim Nasby decibel(at)decibel(dot)org
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)