The basic problem is this: if you have to decrypt the code in order
to give it to a compiler (PL/pgSQL, Java, Perl, ...) then there is
a point in time where the source code is in plaintext form - it
would be trivial to add an fprintf( stderr, "%s", plainTextForm )
to the PL handler to steal the code.
if somebody is allowed to recompile on the box GRANT and REVOKE are
you did not get the point, i think.
we are shipping appliances - users can only use SQL; no compilers and
no SSH logins allowed ...
Cybertec Geschwinde & Schönig GmbH
Gröhrmühlgasse 26, 2700 Wiener Neustadt
Tel: +43/1/205 10 35 / 340