Home > mailing lists

Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co - Mailing list pgsql-committers

From	Andres Freund
Subject	Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co
Date	April 27, 2016 06:04:16
Msg-id	20160427030411.hjod6bja6pjnmlab@alap3.anarazel.de Whole thread Raw
In response to	Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co (Michael Paquier <michael.paquier@gmail.com>)
List	pgsql-committers

Tree view

On 2016-04-26 22:59:44 -0400, Tom Lane wrote:
> What's the argument that it makes debugging harder?  Especially if
> you aren't using it?

If you try to write a V1 function, but forget or mistype/rename the
function in PG_FUNCTION_INFO_V1, you'll get crashes, at least if you're
lucky.

> I don't particularly buy the "easier exploitation" argument, either.
> You can't create a C function without superuser, and if you've got
> superuser there are plenty of ways to run arbitrary code.

Without pl*u installed, I don't think any of them are as simple as
calling system(). But yea, it's not a very high barrier.

pgsql-committers by date:

From: Tom Lane
Date: 27 April 2016, 05:59:50
Subject: Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co

From: Andres Freund
Date: 27 April 2016, 06:36:04
Subject: pgsql: Emit invalidations to standby for transactions without xid.

Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co - Mailing list pgsql-committers

Previous

Next