|
I want to ship an 11.0.1.2276 *.db file to another party without any of the procedural code still visible to even a binary editor. I can use ALTER ... SET HIDDEN but that just obfuscates and the recipient is rather clever. I suspect DROP may not do much of anything to the system catalog data and extension pages other than mark them as free. Should I use ALTER to replace every procedure, trigger, event, service etcetera with big fat meaningless templates, thus overwriting everything? Or is that still not going to work? |
Follow this question
By Email:Once you sign in you will be able to subscribe for any updates here
By RSS:Markdown Basics
- *italic* or _italic_
- **bold** or __bold__
- link:[text](http://url.com/ "title")
- image?
- numbered list: 1. Foo 2. Bar
- to add a line break simply add two spaces to where you would like the new line to be.
- basic HTML tags are also supported
Question tags:
question asked: 07 Oct '10, 19:30
question was seen: 2,831 times
last updated: 07 Oct '10, 20:46
So you say ALTER ... SET HIDDEN is not that effective? Should I re-evaluate that part of my answer, cf. http://sqlanywhere-forum.sap.com/questions/1163#1167?
It's obfuscation, not encryption... there is no user-supplied key. Plus, the engine needs to be able to parse the SQL code so by definition a de-obfuscation algorithm must exist... it's not a one-way thing. I think it's adequate for protection against casual hackers, but in MY case the intended recipient is awash in PhD-class thinkers :)
@Breck: In my understanding, it's still encryption (in contrast to "one-way" hashing) but with a built-in key so that the engine can decrypt automatically. But nevertheless, I agree it's not strong encryption...
@Volker: If that is so, the engine contains the key, and the key hasn't changed in a thousand years, right? It could be super duper strong encryption, it doesn't matter if everyone has the key. Besides, the Help uses the word "obfuscate".