Skip to content

Instantly share code, notes, and snippets.

View beargiles's full-sized avatar

Bear Giles beargiles

10 followers · 1 following
  • Boulder, CO
  • 03:33 (UTC -06:00)
View GitHub Profile
@beargiles
beargiles / skey_type.sql
Created October 26, 2021 01:04
PostgreSQL user-defined RECORD type
--
-- Create user-defined record type for symmetric keys
--
CREATE TYPE skey AS (
key_id int4,
key bytea,
type text
);
--
@beargiles
beargiles / key_manager.sql
Created October 27, 2021 03:06
Key store with triggers
-- ---------------------------------------
-- Preparation
-- ---------------------------------------
CREATE SCHEMA pgcrypto;
CREATE EXTENSION pgcrypto WITH SCHEMA pgcrypto;
CREATE USER key_manager;
CREATE SCHEMA key_manager;
ALTER SCHEMA key_manager OWNER TO key_manager;
ALTER ROLE key_manager SET search_path TO key_manager;
@beargiles
beargiles / PermissiveSecurityManager.java
Last active October 11, 2023 19:29
Example of using AccessControlContext to restrict access to sensitive resources
/**
* Permissive SecurityManager
*
* This SecurityManager can still be highly restricive but it allows
* access to a sensitive service.
*/
public class PermissiveSecurityManager extends SecurityManager {
private final List<String> hosts = new ArrayList<>();
public PermissiveSecurityManager(String... hosts) {
@beargiles
beargiles / create-get-host-enum-function.sql
Last active December 7, 2023 01:41
Figures for 'syslog-ng with triggers and custom enum types'
create or replace function get_host_enum(hostname text)
returns host_enum as
$$
declare
_value host_enum;
begin
select hosts1.key from hosts1 where hosts1.hostname = $1 into _value;
if not found then
insert into hosts1(hostname) values ($1) on conflict do nothing;