In response to "Roberts, Jon" <Jon.Roberts@xxxxxxxxxxx>: > Is it possible yet in PostgreSQL to hide the source code of functions from > users based on role membership? I would like to avoid converting the code > to C to secure the source code and I don't want it obfuscated either. > > In an ideal world, if a user can't modify a function, he/she shouldn't be > able to see the source code. If the user can execute the function, then the > user should be able to see the signature of the function but not the body. I doubt that's going to happen. Mainly because I disagree completely with your ideal world description (any user who can execute a function should have the right to examine it to see what it actually does). I suspect that others would agree with me, the result being that there's no universally-agreed-on approach. As a result, what _really_ needs to be done is an extra permission bit added to functions so administrators can control who can view the function body. -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@xxxxxxxxxxxxxxxxxxxxxxx Phone: 412-422-3463x4023 ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your message can get through to the mailing list cleanly
