Re: Possible major bug in PlPython (plus some other ideas)
| От | Bruce Momjian |
|---|---|
| Тема | Re: Possible major bug in PlPython (plus some other ideas) |
| Дата | |
| Msg-id | 200111171943.fAHJh9r10981@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: Possible major bug in PlPython (plus some other ideas) (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Possible major bug in PlPython (plus some other ideas)
|
| Список | pgsql-hackers |
Has this all been addressed? Are there any TODO items here? --------------------------------------------------------------------------- > Bradley McLean <brad@bradm.net> writes: > > (Everyone) Would a patch to add trusted language support be accepted > > for 7.2, or is it too late? > > I think the code in there already is the trusted case, no? The addition > would be an untrusted mode for plpython. > > trusted = language handler prevents security violations, so unprivileged > users are allowed to define functions in the language (ie, we trust the > language itself to prevent security breaches) > > untrusted = language allows user to access things outside database, > so only Postgres superusers are allowed to define functions in the > language (ie, we must trust the function author instead of the language) > > In any case, a second security level in plpython would clearly be a new > feature, and so I'd say it's too late to consider it for 7.2. All that > we want to do at this point is verify Kevin's proposed patch for the > existing security level. But certainly a "plpythonu" addition would > be welcome for 7.3. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Don't 'kill -9' the postmaster > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania19026
В списке pgsql-hackers по дате отправления: