| From: | Andres Freund <andres(at)2ndquadrant(dot)com> |
|---|---|
| To: | Claudio Freire <klaussfreire(at)gmail(dot)com> |
| Cc: | Szymon Guz <mabewlun(at)gmail(dot)com>, Martijn van Oosterhout <kleptog(at)svana(dot)org>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: plpython implementation |
| Date: | 2013-07-01 07:40:51 |
| Message-ID: | 20130701074051.GQ11516@alap2.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2013-06-30 22:43:52 -0300, Claudio Freire wrote:
> Not only that, the CPython interpreter is rather fuzzy about the
> division between interpreters. You can initialize multiple
> interpreters, but they share a lot of state, so you can never fully
> separate them. You'd have some state from the untrusted interpreter
> spill over into the trusted one within the same session, which is not
> ideal at all (and in fact can be exploited).
>
> In essence, you'd have to use another implementation. CPython guys
> have left it very clear they don't intend to "fix" that, as they don't
> consider it a bug. It's just how it is.
Doesn't zope's RestrictedPython have a history of working reasonably
well? Now, you sure pay a price for that, but ...
Greetings,
Andres Freund
--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2013-07-01 07:47:46 | Re: proposal: simple date constructor from numeric values |
| Previous Message | Jeevan Chalke | 2013-07-01 07:19:55 | Re: Department of Redundancy Department: makeNode(FuncCall) division |