> If you want an audit comparison point, I'd suggest capturing
> the result of pg_get_functiondef or one of its sibling functions
> just after creating your function. "pg_dump -s" is another
> pretty credible mechanism for capturing schema details.
That's very good info, thank you. I guess freaki
On Fri, 2 Dec 2022 at 15:47, raf wrote:
> If you're concerned about tampering by
> customers/users/developers, you can either set
> permissions to prevent it in some cases, and when you
> can't prevent it, make it tamper-evident by logging
> actions to somewhere remote and monitoring for what
> co
On Fri, 2 Dec 2022 at 15:02, Daniel Gustafsson wrote:
> How do you today prove that for other compiled programs in your system?
Good question. I guess I never considered database to be compiled.
How do you debug this kind of system? What if the you suspect that there is
a wrong version of proced
On Fri, 2 Dec 2022 at 02:24, raf wrote:
> Same here. Accessing the loaded stored procedure source
> is how I audit the state of stored procedures in the
> database against the code in the code repository.
Exactly. If our software is audited, how can I reliably prove to auditor
that the running ve
