Subject Re: code-protection
Author Adam
--- In, "Marcelo" <pcpower099@y...>
> Hi!
> Is there any way to keep stored procedures encoded so as not to be
> possible to anybody to see its internal coding? Even sysdba's.
> Merry Christmas
> Marcelo.

Yes, do not let the users have file system access to the database, and
do not let the users know their passwords. (Hash their passwords after
they type it in, and use the hash as their password). Then they can
not use tools to query the procedure source.

If this is not possible due to your configuration, then the answer is
yes but not really well.

The stored procedure source is compiled to a language called BLR, the
source itself is not actually required. You can locate the source in
the RDB$??? table, and set the value to null. As long as the BLR field
is still there it will still work fine.

Of course someone with enough experience could reverse engineer the
source from the BLR, or rather could see what the SP is doing by
studying the BLR, so the first option is a lot better.