Thread: Taint mode in PL/Perl
I've googled and read documentation but I can't figure this out. How
do I configure Postgres so that PL/Perl runs in taint mode? I
understand that plperl runs in "safe mode" but that's not quite the
same thing as taint mode.
I do know that it's not running in taint mode because this script returns 0:
-- are we in taint mode?
create function in_taint() returns varchar as $$
return ${^TAINT};
$$ language plperl;
select in_taint();
in_taint
----------
0
(1 row)
I am using this version of Pg:
PostgreSQL 9.3.9 on x86_64-unknown-linux-gnu, compiled by gcc (Ubuntu
4.8.4-2ubuntu1~14.04) 4.8.4, 64-bit
I am running it on Linux as follows:
Operating system: Ubuntu Linux 14.04.2
Kernel and CPU: Linux 3.13.0-57-generic on x86_64
I configured PL/Perl in postgresql.conf with this line:
plperl.use_strict 1
Please let me know any other info I can give to help with this issue.
Thanks so much!
On 08/02/2015 12:41 PM, Terry Scheingeld wrote:
> I've googled and read documentation but I can't figure this out. How
> do I configure Postgres so that PL/Perl runs in taint mode? I
> understand that plperl runs in "safe mode" but that's not quite the
> same thing as taint mode.
>
> I do know that it's not running in taint mode because this script returns 0:
>
> -- are we in taint mode?
> create function in_taint() returns varchar as $$
> return ${^TAINT};
> $$ language plperl;
>
> select in_taint();
>
> in_taint
> ----------
> 0
> (1 row)
>
> I am using this version of Pg:
>
> PostgreSQL 9.3.9 on x86_64-unknown-linux-gnu, compiled by gcc (Ubuntu
> 4.8.4-2ubuntu1~14.04) 4.8.4, 64-bit
>
> I am running it on Linux as follows:
>
> Operating system: Ubuntu Linux 14.04.2
> Kernel and CPU: Linux 3.13.0-57-generic on x86_64
>
> I configured PL/Perl in postgresql.conf with this line:
>
> plperl.use_strict 1
>
> Please let me know any other info I can give to help with this issue.
> Thanks so much!
>
>
This is completely the wrong list to ask this question. Please ask on
the correct mailing list, pgsql-general.
cheers
andrew
Mea culpa. I'll post as you suggest. I posted to pgsql-committers because that's where I found most of the questions about PL/Perl: http://www.postgresql.org/search/?m=1&q=PL%2FPerl On Sun, Aug 2, 2015 at 3:53 PM, Andrew Dunstan <andrew@dunslane.net> wrote: > > On 08/02/2015 12:41 PM, Terry Scheingeld wrote: >> >> I've googled and read documentation but I can't figure this out. How >> do I configure Postgres so that PL/Perl runs in taint mode? I >> understand that plperl runs in "safe mode" but that's not quite the >> same thing as taint mode. >> >> I do know that it's not running in taint mode because this script returns >> 0: >> >> -- are we in taint mode? >> create function in_taint() returns varchar as $$ >> return ${^TAINT}; >> $$ language plperl; >> >> select in_taint(); >> >> in_taint >> ---------- >> 0 >> (1 row) >> >> I am using this version of Pg: >> >> PostgreSQL 9.3.9 on x86_64-unknown-linux-gnu, compiled by gcc (Ubuntu >> 4.8.4-2ubuntu1~14.04) 4.8.4, 64-bit >> >> I am running it on Linux as follows: >> >> Operating system: Ubuntu Linux 14.04.2 >> Kernel and CPU: Linux 3.13.0-57-generic on x86_64 >> >> I configured PL/Perl in postgresql.conf with this line: >> >> plperl.use_strict 1 >> >> Please let me know any other info I can give to help with this issue. >> Thanks so much! >> >> > > > This is completely the wrong list to ask this question. Please ask on the > correct mailing list, pgsql-general. > > cheers > > andrew >