Re: Specification for Trusted PLs?

From: Peter Geoghegan <peter(dot)geoghegan86(at)gmail(dot)com>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: David Fetter <david(at)fetter(dot)org>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Specification for Trusted PLs?
Date: 2010-05-21 12:55:03
Message-ID: AANLkTinyFfv21KMHcuD2sLRdHRoJw4nUX8E6x5bc9x9q@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> That's about it- a language is TRUSTED if there's no way for a user to
> be able to write a function which will give them access to things
> they're not supposed to have.  Practically, this includes things like
> any kind of direct I/O (files, network, etc).

The fact that plpythonu used to be plpython back in 7.3 serves to
illustrate that the distinction is not all that well defined. I guess
that someone made an executive decision that the python restricted
execution environment wasn't restricted enough.

Regards,
Peter Geoghegan

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2010-05-21 13:04:01 Re: Specification for Trusted PLs?
Previous Message Stephen Frost 2010-05-21 12:40:55 Re: Specification for Trusted PLs?