Home > mailing lists

Re: Attention PL authors: want to be listed in template table? - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Attention PL authors: want to be listed in template table?
Date	September 7, 2005 20:00:10
Msg-id	29347.1126122920@sss.pgh.pa.us Whole thread Raw
In response to	Re: Attention PL authors: want to be listed in template table? (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: Attention PL authors: want to be listed in template table? Re: Attention PL authors: want to be listed in template table?
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:
> The other problem I see emerging here is that in certain environments, 
> the "java" language may not be trusted, such as when it is compiled 
> with GCJ.

Hmm, is that really the case?  I thought Java is Java.

> Then, this built-in template will override the CREATE 
> LANGUAGE specification and introduce a security hole.

But it's exactly the same hole the user would create by manually saying
CREATE TRUSTED LANGUAGE in error.  I don't think that's a reasonable
argument against the template idea --- it just says that you have to be
aware of what you're doing.

(An appropriate solution, in my mind, would be to drop the trusted call
handler from the shared library if it's built with gcj --- then there's
really no possibility of doing the wrong thing.)
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 07 September 2005, 19:39:36
Subject: Re: Attention PL authors: want to be listed in template table?

From: "Jim C. Nasby"
Date: 07 September 2005, 20:00:14
Subject: Re: uuid type for postgres

Re: Attention PL authors: want to be listed in template table? - Mailing list pgsql-hackers

Previous

Next