Yes , I am on 8.2 on a Windows XP platform, I tested the get/put, and had no
issues like JS describes. I have pushed most logic down into the SP. The
trigger doesn't contain anything really novel. My product is protected by a
signed software license agreement with the customer (not shrinked wrapped or
EULA), so hopefully the customer would honor that. However, I am the
paranoid type, and would like to still make it as difficult as possible for
a 'well meaning' programmer to copy/paste the code to an in-house
development effort, ... or (in this case) another vendor dealing with other
apps that access the database 'inadvertently' view the code and become aware
of the techniques used. So to answer your question, I am looking for a truly
secure delivery method that allows the SP to be executed, but cannot be (not
without great difficulty) viewed or reversed engineered, etc. Encryption is
the best answer, depending on when/who does the decryption at run time and
if other processes could spy on the process to read the unencrypted
executable byte codes. Also, SQL traces would reveal hints as to the inner
workings of the SP, so it would be nice if SQL issued by an encrypted SP
could not be traced (at least from db/2). It doesn't protect against network
sniffers, other hacks, etc. but for my purposes, if it is difficult enough
that you have to go out of your way to view the source, or your novice or
decent programmer can't figure out how to view it, ... that's good enough.
John
"Serge Rielau" <sr*****@ca.ibm.com> wrote in message
news:2t*************@uni-berlin.de...
Hi John,
Not as such. If you are on DB2 V8.2 you may be able to push teh logic into
a procedure and use a CALL.
This works for Triggers and SQL UDF alike.
The problem with these objects is that they are macro expanded into the
invoking statement (like a view) so DB2 needs the code.
May I ask a curious question though for my own education?
Do you just want to hide the text from _plain_ sight or do you actually
want to encrypt.
The reason why I ask is that all the information about a trigger,
function, check constraint... is also stored in teh packed descriptor of
the table/function (which is a BLOB). So simply removing it from the TEXT
column is conceptually easy. But a simple db2cat maintenace command would
unravel the mysteries ;-)
If you wanted encryption. Would YOU need to be able to descrypt (using a
password)?
Cheers
Serge