> -----Original Message----- > From: Trevor Talbot [mailto:quension@xxxxxxxxx] > Sent: Wednesday, December 19, 2007 9:45 AM > To: Joshua D. Drake > Cc: Roberts, Jon; Kris Jurka; Merlin Moncure; Jonah H. Harris; Bill Moran; > pgsql-performance@xxxxxxxxxxxxxx > Subject: Re: viewing source code > > On 12/18/07, Joshua D. Drake <jd@xxxxxxxxxxxxxxxxx> wrote: > > > On Tue, 18 Dec 2007 10:05:46 -0600 > > "Roberts, Jon" <Jon.Roberts@xxxxxxxxxxx> wrote: > > > > If we are talking about enhancement requests, I would propose we > > > create a role that can be granted/revoked that enables a user to see > > > dictionary objects like source code. Secondly, users should be able > > > to see their own code they write but not others unless they have been > > > granted this dictionary role. > > > You are likely not going to get any support on an obfuscation front. > > This is an Open Source project :P > > Wait, what? This is a DBMS, with some existing security controls > regarding the data users are able to access, and the proposal is about > increasing the granularity of that control. Arbitrary function bodies > are just as much data as anything else in the system. > > Obfuscation would be something like encrypting the function bodies so > that even the owner or administrator cannot view or modify the code > without significant reverse engineering. I mean, some people do want > that sort of thing, but this proposal isn't even close. Trevor, thank you for making the proposal clearer. The more I thought about a counter proposal to put views on pg_proc, I realized that isn't feasible either. It would break functionality of pgAdmin because users couldn't view their source code with the tool. > > Where on earth did "obfuscation" come from? Don't know. :) This really is a needed feature to make PostgreSQL more attractive to businesses. A more robust security model that better follows commercial products is needed for adoption. Jon ---------------------------(end of broadcast)--------------------------- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
