On 8/10/07, Decibel! <[EMAIL PROTECTED]> wrote:
> As I said before, I don't care what security you come up with, *it can
> be broken*. The point of security measures isn't to make it impossible
> to break the security, it's to make it more difficult than it's worth.

I agree... but this type of security is really only
security-through-obscurity.  If the source code is out there (because
it's open source), it's not difficult at all.  The code to
encrypt/obfuscate it and decrypt/execute it will all be out there.
Anyone with a couple years of programming experience could strip it
out and create a utility for it in a couple hours.  My bet is that it
wouldn't even be a monetary-driven exercise... just some geek doing it
to see if he/she could.

As there's basically no security provided, I just don't see any reason
to spend the effort adding something like this to PostgreSQL.

Jonah H. Harris, Software Architect | phone: 732.331.1324
EnterpriseDB Corporation            | fax: 732.331.1301
33 Wood Ave S, 3rd Floor            | [EMAIL PROTECTED]
Iselin, New Jersey 08830            | http://www.enterprisedb.com/

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not

Reply via email to