On Tue, May 13, 2003 at 14:16:52 -0400,
Network Administrator <netadmin@vcsn.com> wrote:
> We're saying the same thing- non-admin user (superusers) can only install
> untrusted languages. However, I didn't know you could grant rights to a
> untrusted function. That is interesting because I thought the language's
> trusted status was based on who owned the database. For instance, if I installed
> Perl as untrusted into template1 wouldn't any user database based I create for
> regular users (as the superuser but making them the database owner) run PL/Perl
> functions as trusted?
The access right for languages is USAGE. I believe this is granted to
public by default when a trusted language is created. For untrusted
languages you can't grant usage. If you don't have usage access to
a language, you can't create functions using that language. Since
a normal user can't get usage access to an untrusted language a normal
user can't create functions that use untrusted languages.
Note that in older versions of postgres the same restriction was there,
but things worked a little differently as there was no language
version of the grant command.
>
> The initial reason for my post is that I [thought] I saw some talk about writing
> files as using PL/Perl instead of PL/Sh and I thought PL/Perl did not allow
> regular users to write files to the file system, no?
I haven't played with PL/Perl myself, but I do believe that there are
both trusted and untrusted versions of that. Presumably the untrusted
one would have full access to perl and be able to write to files.