On Sep 25, 2008, at 1:05 PM, Casey Allen Shobe wrote:
As for the expectation above - could pl/pgsql be made compilable?
Without getting into the argument as to the level of security provided, it strikes me that a reasonable approach would be a non- core pluggable language which accepts encrypted strings as functions, decrypts them (using a key compiled into the language module), and passes them on to PL/pgSQL for execution. This would keep the functionality out of core, allow the developer who distributes the code to plop in their own key and distribute the code as a compiled module, and minimizes reimplementation.
This would, of course, be easily hacked with someone who can step through the language module with a debugger, but I don't see any reasonable way of preventing someone with that level of access from breaking the code without OS-level support.
-- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
