Home > mailing lists

Re: allow building trusted languages without the untrusted versions - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: allow building trusted languages without the untrusted versions
Date	May 27, 2022 15:03:21
Msg-id	849661f1-85a3-2833-5477-059a9b58e70f@enterprisedb.com Whole thread Raw
In response to	Re: allow building trusted languages without the untrusted versions (Nathan Bossart <nathandbossart@gmail.com>)
Responses	Re: allow building trusted languages without the untrusted versions (Nathan Bossart <nathandbossart@gmail.com>)
List	pgsql-hackers

Tree view

On 24.05.22 22:58, Nathan Bossart wrote:
> FWIW this was my original thinking.  I can choose to build/install
> extensions separately, but when it comes to PL/Tcl and PL/Perl, you've
> got to build the trusted and untrusted stuff at the same time, and the
> untrusted symbols remain even if you remove the control file and
> installation scripts.  Of course, this isn't a complete solution for
> removing the ability to do any sort of random file system access, though.

This only makes sense to me if you install directly from the source tree 
to your production installation.  Presumably, there is usually a 
packaging step in between.  And you can decide at that point which files 
to install or not to install.

pgsql-hackers by date:

From: Laurenz Albe
Date: 27 May 2022, 15:02:24
Subject: Re: Prevent writes on large objects in read-only transactions

From: Amit Langote
Date: 27 May 2022, 15:22:34
Subject: Re: doc: CREATE FOREIGN TABLE .. PARTITION OF .. DEFAULT

Re: allow building trusted languages without the untrusted versions - Mailing list pgsql-hackers

Previous

Next