Re: Restrict permissions on schema to hide pl/pgsql code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes:
> You can consider this email to have accomplished both.  Lacking someone
> saying they they are working on it and pointing you to a patch you can
> safely operate under the assumption that this behavior isn’t going to
> change.

It isn't.  We've considered complaints like this before and determined
that we're not going to do anything about it.  For better or worse, the
PG catalogs are readable by any authorized user, with only narrow
exceptions (like password columns).

A sufficiently determined person could perhaps do something like creating
their own PL that stores encrypted function source text in pg_proc, and
just hands it off to an existing PL after decryption.  I'm not exactly
sure where you'd keep the decryption key though.

			regards, tom lane





[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux