Untrusted PL/Tcl?
| От | JanWieck@t-online.de (Jan Wieck) |
|---|---|
| Тема | Untrusted PL/Tcl? |
| Дата | |
| Msg-id | 200007181136.NAA10871@hot.jw.home обсуждение исходный текст |
| Ответы |
Re: Untrusted PL/Tcl?
|
| Список | pgsql-hackers |
Hi all, there have been a couple of questions WRT doing untrustable things like file access, LDAP and the like from inside of triggers or functions. Tcl is a powerful language and could do all that, but the interpreter used in PL/Tcl is a safe one, because it is a trusted procedural language (any non-superuser can create functions). I think it should be pretty easy to build a second PL handler into the module, that executes the procedures in a full featured Tcl interpreter,that has all capabilities. This one would be installed as an untrusted PL, so only DB superusers could create functions in that language. Should I go for it and if so, how should this language be named? Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== JanWieck@Yahoo.com #
В списке pgsql-hackers по дате отправления: