> Can you guarantee unequivocally that there are absolutely not security
> issues in plpgsql?
Can you guarantee unequivocally that there are absolutely not security
issues in PostgreSQL?
>
> I believe Tom's point is that it is not possible to do so, and, since
> plpgsql isn't something that all applications need/use, it isn't
> something that needs to be 'loaded by default' ... its like loading
> mod_perl in apache for an application that only uses PHP ... you can do
> it, but why bother?
Well.... many distributions do but no it is not the same. plPGSQL is the
default procedural language for PostgreSQL. It is not a contrib module,
and it is built by default. So why not install it by default to make it
just one step easier for our community?
Sincerely,
Joshua D. Drake
>
> If Tom could cite any security issues with plpgsql, he would have
> probably fixed it by now ... but I don't believe he'd go out on a limb
> and state that there weren't any either ...
>
>
> ----
> Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
> Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
>
--
=== The PostgreSQL Company: Command Prompt, Inc. === Sales/Support: +1.503.667.4564 || 24x7/Emergency:
+1.800.492.2240 Providing the most comprehensive PostgreSQL solutions since 1997
http://www.commandprompt.com/