Re: dblink connection security

Stephen Frost wrote:
> * Joe Conway (mail@joeconway.com) wrote:
>> Sure it matters. A function written in a trusted language is known to be
>> safe, a priori. A function written in an untrusted language has no such
>> guarantees, and therefore has to be assumed unsafe unless carefully proved
>> otherwise.
>
> I see..  So all the functions in untrusted languages that come with PG
> initially should be checked over by every sysadmin when installing PG
> every time...  And the same for PostGIS, and all of the PL's that use
> untrusted languages?

There are none installed by default -- that's the point.

> On my pretty modest install that's 2,206 functions.  For some reason I
> see something of a difference between 'generate_series' and 'dblink' in
> terms of security and which one I'm comfortable having enabled by
> default and which one I'm not.

generate_series is a built in function. We aren't discussing those.

Joe