It seems perfectly safe to me too for the reason that Kris mentions.
Tom, could you please elaborate where you see a security hole?
Regards,
Thomas Hallgren
Tom Lane wrote:
> Kris Jurka <books@ejurka.com> writes:
>
>> On Wed, 30 Jul 2008, Alvaro Herrera wrote:
>>
>>> I do agree that creating base types should require a superuser though.
>>> It too seems dangerous just on principle, even if today there's no
>>> actual hole (that we already know of).
>>>
>
>
>> pl/java already allows non-superusers to create functions returning
>> cstring and base types built off of these functions.
>>
>
> So in other words, if pl/java is installed we have a security hole
> a mile wide.
>
> regards, tom lane
> _______________________________________________
> Pljava-dev mailing list
> Pljava-dev@pgfoundry.org
> http://pgfoundry.org/mailman/listinfo/pljava-dev
>