Re: Add on_trusted_init and on_untrusted_init to plperl UPDATED [PATCH] - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Add on_trusted_init and on_untrusted_init to plperl UPDATED [PATCH]
Date
Msg-id 1804.1265225354@sss.pgh.pa.us
Whole thread Raw
In response to Re: Add on_trusted_init and on_untrusted_init to plperl UPDATED [PATCH]  (Alex Hunsaker <badalex@gmail.com>)
List pgsql-hackers
Alex Hunsaker <badalex@gmail.com> writes:
> On Wed, Feb 3, 2010 at 12:04, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Yes.  I am not at all happy about inserting nonstandard permissions
>> checks into GUC assign hooks

> I think Tims solution is just to check in plperl.c right before we
> eval it so not at SET time.

Well, that would be *completely* wrong/useless.  What you would find out
is the ID of the user who directly called the function, which would have
nothing at all to do with the privileges of whoever set the GUC.

I'm leaning in the same direction as Robert: let's just make all three
of these SUSET and stop worrying.  It's not real clear that there's much
of a use-case for letting unprivileged users set on_plperl_init anyway.
Also, we can always back it off later if we decide it's safer than it
looks.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Mark Mielke
Date:
Subject: Re: PG 9.0 and standard_conforming_strings
Next
From: Mark Mielke
Date:
Subject: Re: PG 9.0 and standard_conforming_strings