Re: Specification for Trusted PLs? - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Specification for Trusted PLs?
Date
Msg-id 18159.1274447041@sss.pgh.pa.us
In response to Re: Specification for Trusted PLs?  (Peter Geoghegan <peter.geoghegan86@gmail.com>)
Responses Re: Specification for Trusted PLs?
List pgsql-hackers
Peter Geoghegan <peter.geoghegan86@gmail.com> writes:
>> That's about it- a language is TRUSTED if there's no way for a user to
>> be able to write a function which will give them access to things
>> they're not supposed to have.  Practically, this includes things like
>> any kind of direct I/O (files, network, etc).

> The fact that plpythonu used to be plpython back in 7.3 serves to
> illustrate that the distinction is not all that well defined. I guess
> that someone made an executive decision that the python restricted
> execution environment wasn't restricted enough.

Well, it was the upstream authors of python's restricted execution
environment who decided it was unfixably insecure, not us.  So the
"trusted" version had to go away.

(For a while there last month, it was looking like plperl was going to
suffer the same fate :-(.  Fortunately Tim Bunce thought of a way to
not have to rely on Safe.pm anymore.)
        regards, tom lane

