-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
> PL/Perl runs in tainted mode, so it will prevent you from
> accessing any files (which means you can relatively safely
> give an access to it for ordinary users and not worry too much
> about them doing system("rm -rf .");
Two minor nits: it's not taint mode (that's something else entirely
in Perl). Pl/Perl runns in "safe mode" via the Safe module:
http://search.cpan.org/~jhi/perl-5.8.0/ext/Opcode/Safe.pm
Also, allowing a bare system call is really the fault of the person
writing the function, and one should not rely upon trusted languages
to prevent that sort of thing. :)
> Other approach, I think a bit better, would be to devise a scheme like this:
The listen approach is a good one, I agree, especially if the actual call
takes a finite amount of time and is called from a trigger, as your insert
or update will have to wait for the external program to finish before
returning.
There are other untrusted languages (e.g. tcl) you could also try out,
but Pl/Perl is probably the most functional and best supported.
- --
Greg Sabino Mullane greg@turnstep.com
PGP Key: 0x14964AC8 200710051101
http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8
-----BEGIN PGP SIGNATURE-----
iD8DBQFHBlHIvJuQZxSWSsgRA2ysAJ9STQNEHtCe0MvJ911QUrHkXJ+JswCgsE0o
qUcGE9gXUbClwx3KsLAjHNE=
=g3wJ
-----END PGP SIGNATURE-----
