Home > mailing lists

Re: Specification for Trusted PLs? - Mailing list pgsql-hackers

From	Josh Berkus
Subject	Re: Specification for Trusted PLs?
Date	May 21, 2010 15:55:45
Msg-id	4BF6ACF3.2040907@agliodbs.com Whole thread Raw
In response to	Re: Specification for Trusted PLs? (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Specification for Trusted PLs? Re: Specification for Trusted PLs?
List	pgsql-hackers

Tree view

So, here's a working definition:

1) cannot directly read or write files on the server.
2) cannot bind network ports
3) uses only the SPI interface to interact with postgresql tables etc.
4) does any logging only using elog to the postgres log

Questions:

a) it seems like there should be some kind of restriction on access to 
memory, but I'm not clear on how that would be defined.

b) where are we with the whole trusted module thing?  Like for CPAN 
modules etc.

--                                   -- Josh Berkus                                     PostgreSQL Experts Inc.
                           http://www.pgexperts.com

pgsql-hackers by date:

From: Pavel Stehule
Date: 21 May 2010, 15:11:12
Subject: Re: unnailing shared relations (was Re: global temporary tables)

From: Magnus Hagander
Date: 21 May 2010, 15:57:42
Subject: Re: Specification for Trusted PLs?

Re: Specification for Trusted PLs? - Mailing list pgsql-hackers

Previous

Next