Re: PlPython - Mailing list pgsql-general

From Mikhail Terekhov
Subject Re: PlPython
Date
Msg-id 3EFB5496.8050405@emc.com
In response to Re: PlPython  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-general
Thanks for the explanation. I think I understand it now.

Mikhail

Karsten Hilbert wrote:
>>>Now that the rexec code is gone, it MUST be marked untrusted --- this is
>>>not a question for debate.  Installing it as trusted would be a security
>>>hole.
>>
>>That means that there is something else untrusted in PLPython,
>>what is this?
>
> Well, basically everything else.
>
> You are getting this backwards. Making Python a *trusted*
> language *requires* something like rexec. Since we don't have
> rexec anymore (it never was much good, apparently) we cannot
> make Python trusted. Hence we must make it untrusted to keep
> it in at all.
>
> The point here is not whether we trust the rest of Python but
> whether we have something (like rexec) that restricts the
> standard Python. Only if we have that do we define a language
> as "trusted".
>
> Things would be different, of course, if an entire language
> was restricted by nature. That would be a candidate for a
> trusted language without needing specific add-on execution
> restriction.
>
> Karsten
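
An audit for the trusted/untrusted distinction discussed in this thread, added here as an example (it is not part of the original messages and not PostgreSQL project code). It assumes a current PostgreSQL catalog layout (`pg_roles`, `pg_language.lanpltrusted`, `pg_proc.prosecdef`); the column aliases are chosen for this example.

```sql
-- Added example: audit procedural-language trust settings in one database.
-- Assumes a current PostgreSQL catalog layout; run as a role that can read
-- the system catalogs.

-- 1. A Python language flagged as trusted means unprivileged roles may
--    create functions in an interpreter that nothing restricts.
--    This query should return no rows.
SELECT lanname, lanpltrusted
FROM pg_language
WHERE lanname LIKE 'plpython%'
  AND lanpltrusted;

-- 2. Every function written in an untrusted procedural language, with its
--    owner. Rows whose owner is not a superuser, or that are
--    SECURITY DEFINER, are the ones to review first.
SELECT n.nspname  AS schema_name,
       p.proname  AS function_name,
       l.lanname  AS language_name,
       r.rolname  AS owner_name,
       r.rolsuper AS owner_is_superuser,
       p.prosecdef AS security_definer
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_roles     r ON r.oid = p.proowner
WHERE l.lanispl              -- procedural languages only (skips internal, c, sql)
  AND NOT l.lanpltrusted     -- untrusted: no execution restriction in place
ORDER BY r.rolsuper, n.nspname, p.proname;
```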


