On Sat, Feb 25, 2006 at 10:09:52AM +0100, Tino Wildenhain wrote:
> And with even more love the restricted python from zope could
> be ported so there could be a pl/python again :-)
>
> Ok, just haluzinating ;)
Not necessarily. ;)
From what I have seen of zope's restricted python, it does, or can, force its
restrictions by checking bytecode. I imagine a simple PL sitting on top of the
untrusted varient that merely implements a custom validator that checks the
bytecode produced by the untrusted PL's validator. The language handler would
remain the same:
<Create untrusted plpy...>
CREATE FUNCTION zope_restrict(oid) RETURNS VOID LANGUAGE python AS
$$
getcode = Postgres.CachedQuery("SELECT probin FROM pg_proc WHERE oid = $1")
getlangval = Postgres.CachedQuery("""SELECT lanvalidator FROM pg_language WHERE oid = (SELECT prolang FROM pg_proc
WHEREoid = $1)
""")
langvaloid = getlangval(self.function.procid)
langval = Postgres.Function(langvaloid)
# produce the function's bytecode for checking
langval(args[0])
# get the function's newly created bytecode
code = getcode(args[0]).next()[0]
#
# XXX: do the zope restriction stuff, raise exception if necessary
#
Postgres.NOTICE(repr(code))
$$;
CREATE TRUSTED LANGUAGE plpyr HANDLER python.handler VALIDATOR zope_restrict;
[This almost works in plpy head, but I think I just found a bug ;]
--
Regards, James William Pye
