alex@pilosoft.com writes:
> On Mon, 6 Dec 2004, Andrew Dunstan wrote:
>>> . how to turn it on for trusted plperl
>> [ snip ]
> Errr my bad. I keep confusing trusted/untrusted. It does not allow it, nor
> should it.
> The purpose of PgSPI is to write 'middleware' solutions in perl - the idea
> is that you can take a piece of existing client-side code and make a
> server-side stored procedure out of it in a minute without any changes to
> the code.
Sure. But you don't run your middleware as root (I hope ;-)) and you
shouldn't run it in untrusted server-side languages either. I agree
with Andrew that it's important to figure out how to make DBI usable
in trusted plperl. Obviously this isn't happening in time for 8.0,
but it deserves a place on the TODO list.
regards, tom lane
