| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com>, Gregory Stark <stark(at)enterprisedb(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Magnus Hagander <magnus(at)hagander(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, pgsql-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: dblink connection security |
| Date: | 2007-07-09 13:47:25 |
| Message-ID: | 46923C6D.9040106@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Stephen Frost wrote:
> * Joe Conway (mail(at)joeconway(dot)com) wrote:
>> There are none installed by default -- that's the point.
>
> Uhh... None what? Functions in untrusted languages? That's certainly
> not the case, there's a whole slew of them, from boolin to
> generate_series and beyond. They're available to regular users, even!
Get serious. Internal functions are specifically designed and maintained
to be safe within the confines of the database security model. We are
discussing extensions to the core, all of which must be installed by
choice, by a superuser.
Joe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zdenek Kotala | 2007-07-09 13:48:03 | Re: script binaries renaming |
| Previous Message | Gregory Stark | 2007-07-09 04:49:37 | Re: dblink connection security |