On 2/13/17 9:34 PM, Tom Lane wrote:
> Jim Nasby <Jim.Nasby@BlueTreble.com> writes:
>> Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to
>> be able to do something like WHEN tag LIKE 'ALTER%'.
>
> Seems like it would be a seriously bad idea for such an expression to be
> able to invoke arbitrary SQL code. What if it calls a user-defined
> function that tries to do DDL?
Hmm... could we temporarily mark the transaction as being read-only?
Though, can't users already run arbitrary code inside the triggers
themselves?
If we don't want arbitrary DDL there might be other stuff we'd
presumably want to prevent. FDW access comes to mind. So maybe just
restrict what nodes can appear in the expression. You'd want to allow
operators in that list which still leaves a bit of a hole, but if you're
going to take up chainsaw juggling you better know what you're doing...
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
855-TREBLE2 (855-873-2532)
