From: | Bill Moran <wmoran(at)collaborativefusion(dot)com> |
---|---|
To: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
Cc: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>, "'pgsql-performance(at)postgresql(dot)org'" <pgsql-performance(at)postgresql(dot)org> |
Subject: | Re: viewing source code |
Date: | 2007-12-14 19:03:30 |
Message-ID: | 20071214140330.ebc4e5dc.wmoran@collaborativefusion.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-performance |
In response to "Joshua D. Drake" <jd(at)commandprompt(dot)com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Fri, 14 Dec 2007 11:18:49 -0500
> Bill Moran <wmoran(at)collaborativefusion(dot)com> wrote:
>
> > > That is like saying anyone that has rights to call a web service
> > > should be able to see the source code for it.
> >
> > I think that's a good idea. If vendors were forced publish their
> > code, we'd have less boneheaded security breaches.
>
> Not all closed source code is subject to boneheaded security breaches.
> I believe that this individuals request is a valid one from a business
> requirements perspective.
I could go into all sorts of philosophical debates on this ... for example,
"not all drivers are stupid enough to ram their cars into other things,
yet we still have seatbelt laws in the US."
> > > There should be the ability to create
> > > some level of abstraction when appropriate.
> >
> > I agree. If vendors want to have boneheaded security breaches, they
> > should be allowed.
>
> It is not up to your or me to make the determination of what people are
> able to do with their code.
That's what I said. Despite my cynical nature, I _do_ believe in
allowing people to shoot their own foot. Sometimes it's funny to
watch.
Any, yes, there are some folks who have very good QA and documentation
teams and can avoid pitfalls of security breaches and poorly documented
functions with unexpected side-effects. Even if they're not that
brilliant, they deserve the right to make their own choices.
> > > However, in the current configuration, all users with permission to
> > > log in can see all source code. They don't have rights to execute
> > > the functions but they can see the source code for them. Shouldn't
> > > I be able to revoke both the ability to execute and the ability to
> > > see functions?
>
> Yes and know. If your functions are interpreted then no, I don't see
> any reason for this feature, e.g; python,perl,plpgsql,sql,ruby. I can
> read them on disk anyway.
I disagree here. If they're connecting remotely to PG, they have no
direct access to the disk.
> If you want to obfuscate your code I suggest you use a compilable form
> or a code obfuscation module for your functions (which can be had for
> at least python, I am sure others as well).
Although this is an excellent suggestion as well.
But I still think the feature is potentially useful.
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmoran(at)collaborativefusion(dot)com
Phone: 412-422-3463x4023
From | Date | Subject | |
---|---|---|---|
Next Message | Jeff Davis | 2007-12-14 19:29:54 | explanation for seeks in VACUUM |
Previous Message | Kevin Grittner | 2007-12-14 17:12:52 | VACUUM FREEZE output more than double input |