Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH] - Mailing list pgsql-hackers

From Tim Bunce
Subject Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH]
Date
Msg-id 20100128195509.GI38673@timac.local
In response to Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH]  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On Thu, Jan 28, 2010 at 12:12:58PM -0500, Tom Lane wrote:
> Andrew Dunstan <andrew@dunslane.net> writes:
> > Tom Lane wrote:
> >> Isn't it a security hole if on_trusted_init is USERSET?  That means
> >> an unprivileged user can determine what will happen in plperlu.
> >> SUSET would be saner.
> 
> > ITYM on_untrusted_init.
> 
> Right, sorry, got 'em backwards.

I've done that several times. The naming is tricky because it's very
dependent on your point of view. The 'trusted' language is for running
'untrusted' code and the 'untrusted' language is for running 'trusted'
code. The naming convention is unfortunate.

Just an observation from a newbie. I imagine it's been pointed out before.

Tim.

