Oracle - Protecting Source-Code


After a quite exhaustive search, it would appear that there is no real and reliable way to hide code within Oracle's database (i.e. protect the code of routines, functions, packages and triggers).

The obfuscation (WRAP), though initially promising, turned out to be useless as it is very easy to UNDO the obfuscation and get the original (readable) code back.

So, before I give up, is there any way supported by Oracle that enables real hiding of the code? (I mean, besides blocking access using credentials.)

2

There are 2 answers

2
ibre5041 On

Although I do not like the idea of wrapping at all, as it is not beneficial for both sides (client/vendor), I have to say that wrapping of procedures/functions works differently than for packages.

While for packages wrapping simply substitutes bytes, for procedures Oracle stores ADA virtual machine p-code, which is much harder to reverse engineer.

But anyway, there is NO way to hide session tracing. So DBAs will always be able to see SQL statements executed by PL/SQL code.

2
TenG On

This is perhaps one of the remaining advantages of pre-compiler languages like Pro-C, Pro-COBOL. True, queries can always be revealed via tracing/monitoring, but non-SQL logic in the languages will be hidden since what you deliver will be compiled objects. You do have the option to call out to C libraries (see CREATE LIBRARY) from PL/SQL to do your computation, but dipping in and out of this just to partition between SQL and logic flow will, I think, be cumbersome. This method tends to get used to take advantage of external utilities (e.g. Bank Wizard libraries for validating bank accounts, PAF validation, etc.).
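
The CREATE LIBRARY route mentioned in the answer above, sketched as an added example (not code from either answer): the native side of an external procedure, with the PL/SQL call specification shown in the header comment. The function name `acct_check`, the library name `acct_lib`, the file path and the weighted mod-11 rule are all assumptions constructed for illustration, not a real bank scheme.

```c
/* Added example: native side of a PL/SQL external procedure.
 * acct_check and its mod-11 rule are constructed for illustration.
 *
 * Build:  cc -shared -fPIC -o libacct.so acct.c
 *
 * PL/SQL side (path and object names are assumptions):
 *   CREATE OR REPLACE LIBRARY acct_lib AS '/opt/app/lib/libacct.so';
 *   CREATE OR REPLACE FUNCTION acct_check(p_acct IN VARCHAR2)
 *     RETURN PLS_INTEGER
 *   AS LANGUAGE C LIBRARY acct_lib NAME "acct_check"
 *     PARAMETERS (p_acct STRING, p_acct INDICATOR SHORT, RETURN INT);
 */
#include <stddef.h>

#define ACCT_LEN 8
#define IND_NULL (-1)   /* indicator value Oracle passes for SQL NULL */

/* Returns 1 = valid, 0 = checksum fails, -1 = NULL or malformed input. */
int acct_check(const char *acct, short acct_ind)
{
    static const int weights[ACCT_LEN] = {8, 7, 6, 5, 4, 3, 2, 1};
    int sum = 0;
    size_t i;

    /* Native code gets no PL/SQL safety net: check NULL before any read. */
    if (acct_ind == IND_NULL || acct == NULL)
        return -1;

    for (i = 0; i < ACCT_LEN; i++) {
        /* A non-digit (including an early NUL) ends the scan in bounds. */
        if (acct[i] < '0' || acct[i] > '9')
            return -1;
        sum += (acct[i] - '0') * weights[i];
    }
    if (acct[ACCT_LEN] != '\0')   /* reject over-long input */
        return -1;

    return (sum % 11 == 0) ? 1 : 0;
}
```

Only the compiled `libacct.so` is delivered to the database host, so the checksum logic is not stored as PL/SQL source; any SQL issued around the call is still visible through tracing, as both answers note.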