Обсуждение: how to create dir using pg/plsql
just subject,
i need to create dir using pg/plsql function,,but cannt get anything after google,
please advise? thanks!
雅虎邮箱,以安全著称,是值得信赖的邮箱专家!
i need to create dir using pg/plsql function,,but cannt get anything after google,
please advise? thanks!
雅虎邮箱,以安全著称,是值得信赖的邮箱专家!
On Wed, Aug 29, 2007 at 02:45:56PM +0800, qinghuamail-postgresqlfans@yahoo.com wrote: > just subject, > i need to create dir using pg/plsql function,,but cannt get anything after google, it's not possible. pl/pgsql is trusted language (like pl/perl and pl/tcl). trusted languages cannot use system-level functions. so no file, directory, socket access is possible. depesz -- quicksil1er: "postgres is excellent, but like any DB it requires a highly paid DBA. here's my CV!" :) http://www.depesz.com/ - blog dla ciebie (i moje CV)
oh,i see, thank you very much!
hubert depesz lubaczewski <depesz@depesz.com> 写道:
雅虎邮箱,以安全著称,是值得信赖的邮箱专家!
hubert depesz lubaczewski <depesz@depesz.com> 写道:
On Wed, Aug 29, 2007 at 02:45:56PM +0800, qinghuamail-postgresqlfans@yahoo.com wrote:
> just subject,
> i need to create dir using pg/plsql function,,but cannt get anything after google,
it's not possible.
pl/pgsql is trusted language (like pl/perl and pl/tcl). trusted
languages cannot use system-level functions. so no file, directory,
socket access is possible.
depesz
--
quicksil1er: "postgres is excellent, but like any DB it requires a
highly paid DBA. here's my CV!" :)
http://www.depesz.com/ - blog dla ciebie (i moje CV)
雅虎邮箱,以安全著称,是值得信赖的邮箱专家!
On 8/29/07, qinghuamail-postgresqlfans@yahoo.com <qinghuamail-postgresqlfans@yahoo.com> wrote: > just subject, > > i need to create dir using pg/plsql function,,but cannt get anything after > google, As noted, not possible. BUT, you can do it in untrusted languages, like pl/perlu or pl/tclu or pl/C
I was under the impression that recent modern databases, like PG, allow you to transfer control to an out-of-system (system being the DB engine) module (shared lib, dll). That is while triggers transfer control within the system, now mechanisms exists that allow you to go outside of the system. In that context, whence the control is transferred to a C, Perl or whatever language, who is to stop that function from doing anything it wants.
I appreciate a clarification.
Medi
I appreciate a clarification.
Medi
On 8/29/07, Scott Marlowe <scott.marlowe@gmail.com> wrote:
On 8/29/07, qinghuamail-postgresqlfans@yahoo.com
<qinghuamail-postgresqlfans@yahoo.com> wrote:
> just subject,
>
> i need to create dir using pg/plsql function,,but cannt get anything after
> google,
As noted, not possible. BUT, you can do it in untrusted languages,
like pl/perlu or pl/tclu or pl/C
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
"Medi Montaseri" <montaseri@gmail.com> writes: > I was under the impression that recent modern databases, like PG, allow you > to transfer control to an out-of-system (system being the DB engine) module > (shared lib, dll). That is while triggers transfer control within the > system, now mechanisms exists that allow you to go outside of the system. In > that context, whence the control is transferred to a C, Perl or whatever > language, who is to stop that function from doing anything it wants. Well, sure. Postgres calls those untrusted languages, and only lets database superusers use them. regards, tom lane
I see...thank you for the clarification...one more question...
How does PG protects itself from a run-away code (eg an endless loop) ? In other words, does PG run the "untrusted" code in a seperate process?
Thanks
Medi
How does PG protects itself from a run-away code (eg an endless loop) ? In other words, does PG run the "untrusted" code in a seperate process?
Thanks
Medi
On 8/29/07, Tom Lane <tgl@sss.pgh.pa.us> wrote:
"Medi Montaseri" <montaseri@gmail.com> writes:
> I was under the impression that recent modern databases, like PG, allow you
> to transfer control to an out-of-system (system being the DB engine) module
> (shared lib, dll). That is while triggers transfer control within the
> system, now mechanisms exists that allow you to go outside of the system. In
> that context, whence the control is transferred to a C, Perl or whatever
> language, who is to stop that function from doing anything it wants.
Well, sure. Postgres calls those untrusted languages, and only lets
database superusers use them.
regards, tom lane
Medi Montaseri escribió: > I see...thank you for the clarification...one more question... > How does PG protects itself from a run-away code (eg an endless loop) ? It doesn't. > In other words, does PG run the "untrusted" code in a seperate > process? No. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support