Thread: plperl vs. plperlu
while playing with the OSCON CD's, I noticed that the current version of plperl installs the same function handler for both, plperl and plperlu. I was wondering how it implements the important security difference or, in case it is not handled and both are in fact the same, who ignored this IMHO important difference in the naming convention of procedural languages. Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== JanWieck@Yahoo.com #
If trusted, the function is located inside a perl Safe container, a mechanism designed for just this purpose. Try doing something forbidden inside a trusted function (like opening a file) and you will see the error. cheers andrew Jan Wieck wrote: > while playing with the OSCON CD's, I noticed that the current version > of plperl installs the same function handler for both, plperl and > plperlu. I was wondering how it implements the important security > difference or, in case it is not handled and both are in fact the > same, who ignored this IMHO important difference in the naming > convention of procedural languages. > > > Jan >
On 7/10/2004 9:05 AM, Andrew Dunstan wrote: > If trusted, the function is located inside a perl Safe container, a > mechanism designed for just this purpose. Try doing something forbidden > inside a trusted function (like opening a file) and you will see the error. As if I would know perl :-) But yes, I see that it does it in create_sub() now ... thanks for the clearification. Jan > > cheers > > andrew > > Jan Wieck wrote: > >> while playing with the OSCON CD's, I noticed that the current version >> of plperl installs the same function handler for both, plperl and >> plperlu. I was wondering how it implements the important security >> difference or, in case it is not handled and both are in fact the >> same, who ignored this IMHO important difference in the naming >> convention of procedural languages. >> >> >> Jan >> -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== JanWieck@Yahoo.com #