Re: DBD::PgSPI 0.02
| От | alex@pilosoft.com |
|---|---|
| Тема | Re: DBD::PgSPI 0.02 |
| Дата | |
| Msg-id | Pine.LNX.4.44.0412061716480.10941-100000@bawx.pilosoft.com обсуждение исходный текст |
| Ответ на | Re: DBD::PgSPI 0.02 (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Mon, 6 Dec 2004, Tom Lane wrote: > Sure. But you don't run your middleware as root (I hope ;-)) and you > shouldn't run it in untrusted server-side languages either. I agree Actually - I don't practically care, and in fact I'm doing things that are unsafe...But, I agree, others may think differently ;) > with Andrew that it's important to figure out how to make DBI usable > in trusted plperl. Obviously this isn't happening in time for 8.0, > but it deserves a place on the TODO list. It's interesting but its probably a untrivial effort to make DBI itself Safe-safe. Probably it would require starting with DBI::PurePerl (non-XS version) and adding a mode that would disable all unSafe activity (such as file operations etc etc)... -alex
В списке pgsql-hackers по дате отправления: