I'm not an expert as you, but what about a small table where just one
user can read and create the function with this same user and definer
security?
Excuse if I say something stupid
Alvaro Herrera wrote:
Tom Lane wrote:
* Any database user is most of the time able to read function
bodies, so anybody who is able co connect to your database will be
able to get your 'secret_salt' and then predict session id's.
Yeah, it's not clear where to hide the secret.
In a memfrob'ed (or something better probably) area in a C function?
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
