On 28/01/2008, Tom Lane <[EMAIL PROTECTED]> wrote: > Andrew Dunstan <[EMAIL PROTECTED]> writes: > > Maybe a better TODO would be to do this task in the way that has > > previously been suggested: > > http://archives.postgresql.org/pgsql-hackers/2007-08/msg00258.php > > I'm certainly not happy about any proposal to put a password/key in a > > GUC var - that strikes me as a major footgun. > > We didn't really have a better solution to the key management problem, > though, did we? At least I don't see anything about it in that thread. > > However, I definitely agree that a separate loadable PL is the way to go > for functionality of this sort. There is no way that a dependency on > pgcrypto is going to be accepted into core, not even in the (ahem) > obfuscated way that it's presented here. >
Do you thing some binary module that load some encrypted sources from files? It can be possible too. But if source code will be stored in pg_proc, then we need third method. Some like "obfuscate" (prev. are validate and call"), because we can't to store plain text to prosrc col. My patch is only solution for some users, and I know about problem with dependency. Reagards Pavel Stehule > regards, tom lane > ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
