On Dec 20, 2007 5:28 PM, Alvaro Herrera <alvherre@xxxxxxxxxxxxxxxxx> wrote: > > I don't really agree that wrapping pl/pgsql with encryptor/decryptor > > is a bad idea. > > Right. But do you agree that it is separate from having hidden prosrc? > If we can complete a design then let's shot that way, and aim at > encryption sometime in the future :-) > > I have to note that I would probably not be the one to actually produce > a patch in this direction, or even to work on a working, detailed design > :-) You just read Joshua's opinion on this issue and I don't think I > need to say more :-) it is separate. doing it hiding prosrc way requires, as i see it a) row/col security, or b) view switcheroo row/col security is great but views (IMO) are a better approach to this generally. archives is of course replete with numerous generally fruitless treatments of both topics. view switcheroo is more of a 'do the ends justify the means' debate. this could turn into a big discussion about what else could be done with the system catalogs. since its not really all that difficult to disable access to pg_proc, and there are relatively few side effects outside of hosing pgadmin, i don't think the ends do justify the means at least in terms of internal server changes. If the necessary features get added in for other reasons, then perhaps... wrapping language handlers is interesting from other angles too. many times I've wanted to do preprocessing on functions without sacrificing ability of pasting from psql. merlin ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your message can get through to the mailing list cleanly