| From: | "korry(dot)douglas" <korry(dot)douglas(at)enterprisedb(dot)com> |
|---|---|
| To: | "Hans-Juergen Schoenig" <postgres(at)cybertec(dot)at> |
| Cc: | "Andrew Dunstan" <andrew(at)dunslane(dot)net>, "PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: crypting prosrc in pg_proc |
| Date: | 2007-08-09 14:47:43 |
| Message-ID: | 46BB290F.4030807@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> the idea is basically to hide codes - many companies want that and ask
> for it again and again.
Hide code from who (or is that whom?)? The PL compiler(s) will need to
decrypt the code. If a compiler can decrypt it, then anyone can decrypt
it (because the compilers are open-source).
And the problem is that any user that can run a function must be able to
compile that function, and therefore, any user that can run a function
must have the decryption key for that function. So, I'm not sure you've
secured the source code from any user that can run the function.
Of course, if your goal is to hide the code from someone snooping
through the pg_proc relation (on disk), then encryption will certainly
help (provided the key is properly protected).
Note: I think source-code encryption is a useful idea, it just seems
tricky to implement in an open environment.
-- Korry
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zdenek Kotala | 2007-08-09 14:50:53 | Re: crypting prosrc in pg_proc |
| Previous Message | Decibel! | 2007-08-09 14:45:56 | Re: HOT patch, missing things |