Re: Stored procedure code no longer stored in v14 and v15, changed behaviour

From: Pasi Oja-Nisula <pon(at)iki(dot)fi>
To: pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Stored procedure code no longer stored in v14 and v15, changed behaviour
Date: 2022-12-02 13:00:09
Message-ID: CAJvus-MKW1tFhnotbQXbvCdXbfgH6WpvmExsMrYi1Yfov85KOA@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Fri, 2 Dec 2022 at 02:24, raf <raf(at)raf(dot)org> wrote:
> Same here. Accessing the loaded stored procedure source
> is how I audit the state of stored procedures in the
> database against the code in the code repository.

Exactly. If our software is audited, how can I reliably prove to auditor
that the running version of the procedure has not been tampered with
either by customer, rogue developer or some malicious party?

Suggested solution "store the text in user table" does not work, because
it requires following a process. And the process overriding changes are those
we are interested in.

I'm not so much concerned about whether the stored procedure text compiles
anymore (because of object name changes etc.) I just really would like to
have the exact source code stored with the database. So if release management
goes horribly wrong, there is at least the possibility to compare procedure
text manually.

Pasi

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Daniel Gustafsson 2022-12-02 13:02:37 Re: Stored procedure code no longer stored in v14 and v15, changed behaviour
Previous Message Laurenz Albe 2022-12-02 12:37:11 Re: Stored procedure code no longer stored in v14 and v15, changed behaviour