Re: pl/pgsql enabled by default - Mailing list pgsql-hackers

From Tom Lane
Subject Re: pl/pgsql enabled by default
Date
Msg-id 6324.1115507630@sss.pgh.pa.us
Whole thread Raw
In response to Re: pl/pgsql enabled by default  (Josh Berkus <josh@agliodbs.com>)
List pgsql-hackers
Josh Berkus <josh@agliodbs.com> writes:
> Before we get into more minutia regarding potential security risk of plpgsql,
> are there any reasons *other* than security to not enable it?

Several potential issues have already been mentioned in this thread,
eg, what about shared library dependency vs linking plpgsql statically
into the backend, how will we deal with existing dump files, how will
it be possible for a DBA to disable the feature if he wishes.

But security is the easiest to handwave about with no facts ;-) ...
so if it gets shot down on that basis then no one need do the work
to figure out solutions to the other questions.
        regards, tom lane


pgsql-hackers by date:

Previous
From: "John Hansen"
Date:
Subject: Re: Patch for collation using ICU
Next
From: Tom Lane
Date:
Subject: Re: Race conditions, race conditions!