Thread: [HACKERS] Possible TODO: allow arbitrary expressions in event trigger WHEN
Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to be able to do something like WHEN tag LIKE 'ALTER%'. -- Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX Experts in Analytics, Data Architecture and PostgreSQL Data in Trouble? Get it in Treble! http://BlueTreble.com 855-TREBLE2 (855-873-2532)
Jim Nasby <Jim.Nasby@BlueTreble.com> writes:
> Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to
> be able to do something like WHEN tag LIKE 'ALTER%'.
Seems like it would be a seriously bad idea for such an expression to be
able to invoke arbitrary SQL code. What if it calls a user-defined
function that tries to do DDL?
regards, tom lane
On 2/13/17 9:34 PM, Tom Lane wrote: > Jim Nasby <Jim.Nasby@BlueTreble.com> writes: >> Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to >> be able to do something like WHEN tag LIKE 'ALTER%'. > > Seems like it would be a seriously bad idea for such an expression to be > able to invoke arbitrary SQL code. What if it calls a user-defined > function that tries to do DDL? Hmm... could we temporarily mark the transaction as being read-only? Though, can't users already run arbitrary code inside the triggers themselves? If we don't want arbitrary DDL there might be other stuff we'd presumably want to prevent. FDW access comes to mind. So maybe just restrict what nodes can appear in the expression. You'd want to allow operators in that list which still leaves a bit of a hole, but if you're going to take up chainsaw juggling you better know what you're doing... -- Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX Experts in Analytics, Data Architecture and PostgreSQL Data in Trouble? Get it in Treble! http://BlueTreble.com 855-TREBLE2 (855-873-2532)
Re: [HACKERS] Possible TODO: allow arbitrary expressions in eventtrigger WHEN
From
Robert Haas
Date:
On Mon, Feb 13, 2017 at 10:34 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Jim Nasby <Jim.Nasby@BlueTreble.com> writes: >> Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to >> be able to do something like WHEN tag LIKE 'ALTER%'. > > Seems like it would be a seriously bad idea for such an expression to be > able to invoke arbitrary SQL code. What if it calls a user-defined > function that tries to do DDL? Yeah. I remember thinking about this and deciding that allowing real expressions there was totally intractable. I don't remember what all the reasons were, but what Tom's talking about may have been at least part of it. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company