Re: [GENERAL] Securing stored procedures and triggers

On Wed, Oct 31, 2007 at 05:18:58PM -0400, mgould wrote:
> Thanks all. In the open source community there seems to be more
> talent to "hack" than in other environments.

I think we're just much more honest about what the technology is really capable of. None of us is likely to actually bother breaking into anything, it's just that once you understand the fundamental building blocks of computers it's reasonably easy to determine specific properties. People involved in FOSS projects generally have a much better understanding of this that in other environments.

> Once I told ASA to set
> the "hidden" attribute, I've not had any problems with this, at least
> that I've heard of.

Which, almost by definition in security, you're not going to hear about.

> I was hoping that I'd be able to keep others out
> of the database totally but I can't host these applications for all of
> my customers.

In absolute terms you can't protect code. The whole point of computers and information is that it's very difficult to lock down. Witness the trouble that the big media companies are having with trying to "protect" the contents of their DVD/CD's.

  Sam

---------------------------(end of broadcast)---------------------------

               http://archives.postgresql.org/ Received on Wed Oct 31 22:25:01 2007

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related postgresql.org Links pgsql-admin pgsql-advocacy pgsql-announce pgsql-bugs pgsql-cygwin pgsql-docs pgsql-general pgsql-interfaces pgsql-jdbc pgsql-jobs pgsql-novice pgsql-odbc pgsql-performance pgsql-php pgsql-ports pgsql-sql Request more information about Pantek