On Aug 9, 2007, at 4:34 PM, Peter Eisentraut wrote:
Am Donnerstag, 9. August 2007 16:09 schrieb Hans-Juergen Schoenig:
the idea is basically to hide codes - many companies want that and
ask for it again and again.
If you want to design a security feature, you need to offer a
threat and risk
analysis, not just the whining of customers.
well, the complete analysis is easy - the solution is not.
currently we have basically no option to reduce access to the system
tables. this would be hard anyway as we need those tables for
basically all kinds of operations.
the problem here is that vendors of appliances don't want people to
spider their codes. this is a fact - it is not the idea of open
source to do so but bloody reality. in addition to that people are
not willing to code everything in C just to hide.
so, there has to be a concept to achieve this for stored procedures
i am afraid the source level encryption is the easiest thing and most
understandable thing to do.
so, better ideas are welcome.
Cybertec Geschwinde & Schönig GmbH
Gröhrmühlgasse 26, 2700 Wiener Neustadt
Tel: +43/1/205 10 35 / 340