Home > mailing lists

Re: Possible major bug in PlPython (plus some other ideas) - Mailing list pgsql-hackers

From	Kevin Jacobs
Subject	Re: Possible major bug in PlPython (plus some other ideas)
Date	November 13, 2001 16:42:30
Msg-id	Pine.LNX.4.33.0111091331230.6879-100000@penguin.theopalgroup.com Whole thread Raw
In response to	Re: Possible major bug in PlPython (plus some other ideas) (Hannu Krosing <hannu@tm.ee>)
List	pgsql-hackers

Tree view

On Fri, 9 Nov 2001, Hannu Krosing wrote:
> Kevin Jacobs wrote:
> >
> > > >   1) If Plpython is installed as a trusted language, and from what little I
> > > >      can glean from the documentation, it should not have any filesystem access.
> > > >      However, the default behavior of the restricted execution environment
> > > >      being used allows read-only filesystem access.
> > >
> > > we have 'read-only filesystem access anyhow' :
> >
> > Then I consider this a bug if a non-super-user can do this.
>
> It's not that bad - only postgresql superuser can use copy to/from file

Ah -- then it still means we should take read-only filesystem access away
from plpython for now.  If we want to implemente a trusted mode, then we can
add it back in.

-Kevin

--
Kevin Jacobs
The OPAL Group - Enterprise Systems Architect
Voice: (216) 986-0710 x 19         E-mail: jacobs@theopalgroup.com
Fax:   (216) 986-0714              WWW:    http://www.theopalgroup.com

pgsql-hackers by date:

From: Vince Vielhaber
Date: 13 November 2001, 16:42:28
Subject: Re: Open items

From: Tom Lane
Date: 13 November 2001, 16:42:31
Subject: Re: Open items

Re: Possible major bug in PlPython (plus some other ideas) - Mailing list pgsql-hackers

Previous

Next