Bruce Momjian wrote:
> I think the issue was that adding these fuctions adds a potential
> security opening, so we didn't want it in core by default, but
> /contrib seems logical because anyone who needs it can just add it.
Well, if there are security issues, then this is a poor fix. A lot of
people use pgAdmin, many of them less experienced with PostgreSQL, so
before long all of these functions are going to be installed at many
sites anyway. If there are _security_ issues, they need to be fixed
before things go into contrib.
> This is similar to the fact we don't include plpgsql by default in
> databases, for the same reason,
I doubt that that is really the reason.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
