Sam Mason <sam@samason.me.uk> writes:
> On Mon, Sep 14, 2009 at 05:45:14PM +0200, Saleem EDAH-TALLY wrote:
>> Le Monday 14 September 2009 16:13:45, vous avez �crit :
>>> "Secure wallet" is an exercise in self-delusion.
>>
>> Not really. How can a user extract data from a container, by whatever
>> name we call it, if he does not have the key to open it ?
> Exactly the same way that libpq does--debuggers are powerful tools!
Or even easier, modify the source code of libpq to print out the data
after it's extracted it. Security in an open-source world requires
a different set of tools than security in a closed-source world.
regards, tom lane