Обсуждение: Hide function source

Поиск
Список
Период
Сортировка

Hide function source

От
Nelson Gonzaga
Дата:
Dear,
How do I hide a function source code from all users except superuser, but all can execute it?
Thanks,
Nelson 

Re: Hide function source

От
Pepe TD Vo
Дата:
you can grant execute privilege to the user(s)
GRANT EXECUTE ON FUNCTION function_name() TO some_user;



Bach-Nga

No one in this world is pure and perfect.  If you avoid people for their mistakes you will be alone. So judge less, love, and forgive more.EmojiEmojiEmoji
To call him a dog hardly seems to do him justice though in as much as he had four legs, a tail, and barked, I admit he was, to all outward appearances. But to those who knew him well, he was a perfect gentleman (Hermione Gingold)

**Live simply **Love generously **Care deeply **Speak kindly.
*** Genuinely rich *** Faithful talent *** Sharing success




On Sunday, October 10, 2021, 04:52:54 AM EDT, Nelson Gonzaga <ngonzaga@yahoo.com> wrote:


Dear,
How do I hide a function source code from all users except superuser, but all can execute it?
Thanks,
Nelson 

Re: Hide function source

От
Mladen Gogala
Дата:


On 10/10/21 04:50, Nelson Gonzaga wrote:
Dear,
How do I hide a function source code from all users except superuser, but all can execute it?
Thanks,
Nelson

That is not possible. Postgres doesn't store functions in the compiled form, it stores them in the source form. Each process that executes a function has to compile it first. If you are looking for something like the Oracle "wrap", it might exist as an extension, I don't know. Please be aware that even Oracle "wrap" is not very secure. There is a public SQL*Developer extension which unwraps the wrapped source code.

-- 
Mladen Gogala
Database Consultant
Tel: (347) 321-1217
https://dbwhisperer.wordpress.com

Re: Hide function source

От
hubert depesz lubaczewski
Дата:
On Sun, Oct 10, 2021 at 08:50:33AM +0000, Nelson Gonzaga wrote:
> Dear,How do I hide a function source code from all users except
> superuser, but all can execute it?Thanks,Nelson 

Write it in something else than sql or plpgsql, and use external file.

But, if your function source is security vulnerability, then don't write
it that way.

Best regards,

depesz