"Juan Cuervo (Quality Telecom)" <juanrcuervo@xxxxxxxxxxxxxxxxxxx> wrote: > Imagine you own a software development company, Not too hard for me. Been there, done that. > and decides to base the company's product on Postgresql databases. > Such a company surely dont want to expose his database design to > its customers, but in some time might want to provide 'select' > access to some users, so they can pull data to external datamining > or data analisys tools, for example. If this is not possible in > postgresql right now, then all users with connect privilege will > be able to see not only the table's structure, but also the stored > procedures code, wich in many cases, stores a business logic or > know-how. Imagine that the software is running on a machine under the client's control, where they have root access to the OS. They can then disassemble or debug through code to see how the encrypted procedure code is turned into something the database can compile, they can connect to the database as the superuser to view all details. The only protection provided by what you suggest is from those too inept to really pose a competitive threat. If you think some other product gives you protection beyond this, it is an illusion. The only way to protect your schema and logic from view is to offer "software as a service". While someone might still infer a lot about the structure of the data and the logic of the code from observing its displays and the procedures available to the user, you would have some insulation. -Kevin -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
