plperl vs. plperlu

Lists: pgsql-hackers
From: Jan Wieck <JanWieck(at)Yahoo(dot)com>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: plperl vs. plperlu
Date: 2004-07-10 12:38:04
Message-ID: 40EFE32C.9090602@Yahoo.com

While playing with the OSCON CDs, I noticed that the current version of
plperl installs the same function handler for both plperl and plperlu.
I was wondering how it implements the important security difference or,
in case it is not handled and both are in fact the same, who ignored
this IMHO important difference in the naming convention of procedural
languages.

Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #


From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: Jan Wieck <JanWieck(at)Yahoo(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: plperl vs. plperlu
Date: 2004-07-10 13:05:39
Message-ID: 40EFE9A3.1070508@dunslane.net


If trusted, the function is located inside a perl Safe container, a
mechanism designed for just this purpose. Try doing something forbidden
inside a trusted function (like opening a file) and you will see the error.

cheers

andrew

Jan Wieck wrote:

> while playing with the OSCON CD's, I noticed that the current version
> of plperl installs the same function handler for both, plperl and
> plperlu. I was wondering how it implements the important security
> difference or, in case it is not handled and both are in fact the
> same, who ignored this IMHO important difference in the naming
> convention of procedural languages.
>
>
> Jan
>
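
Andrew's reply above describes trusted PL/Perl functions as running inside a Perl Safe container. As an added example, not part of the thread and not PL/Perl's own code, this stand-alone Perl script evaluates the same code strings inside a `Safe` compartment and with a plain `eval`. It assumes Safe's default operator mask, which may differ from the one PL/Perl configures; the helper names and sample strings are constructed.

```perl
#!/usr/bin/perl
# Added illustration, not PL/Perl source code.
use strict;
use warnings;
use Safe;

# Evaluate a code string inside a fresh Safe compartment. Safe compiles the
# string against an operator mask and refuses it if a masked opcode appears.
sub run_in_safe {
    my ($code) = @_;
    my $cpt    = Safe->new;            # Safe's default mask (assumption)
    my $result = $cpt->reval($code);
    my $error  = $@;
    return ($result, $error);
}

# Evaluate the same string with plain eval: no operator mask at all.
sub run_unrestricted {
    my ($code) = @_;
    my $result = eval $code;
    my $error  = $@;
    return ($result, $error);
}

# Constructed sample bodies; $0 is this script's own path.
my @samples = (
    [ 'arithmetic' => '2 + 3 * 7' ],
    [ 'open file'  => 'open(my $fh, "<", $0) ? "opened" : "open failed: $!"' ],
    [ 'subprocess' => 'system("echo hello from a child process")' ],
);

for my $sample (@samples) {
    my ($label, $code) = @$sample;
    for my $mode ([ 'Safe' => \&run_in_safe ], [ 'plain eval' => \&run_unrestricted ]) {
        my ($name, $runner) = @$mode;
        my ($result, $error) = $runner->($code);
        chomp $error;
        # A non-empty $@ means the string was rejected or died.
        my $outcome = $error ne '' ? "REFUSED: $error"
                    : "ok, returned " . (defined $result ? $result : 'undef');
        printf "%-11s %-11s %s\n", $label, $name, $outcome;
    }
}
```

Save it to a file and run it with `perl`; the refusal happens when the string is compiled, so a masked operation never executes inside the compartment.
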


From: Jan Wieck <JanWieck(at)Yahoo(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: plperl vs. plperlu
Date: 2004-07-10 16:03:55
Message-ID: 40F0136B.6040800@Yahoo.com

On 7/10/2004 9:05 AM, Andrew Dunstan wrote:

> If trusted, the function is located inside a perl Safe container, a
> mechanism designed for just this purpose. Try doing something forbidden
> inside a trusted function (like opening a file) and you will see the error.

As if I would know perl :-)

But yes, I see that it does it in create_sub() now ... thanks for the
clarification.

Jan

>
> cheers
>
> andrew
>
> Jan Wieck wrote:
>
>> while playing with the OSCON CD's, I noticed that the current version
>> of plperl installs the same function handler for both, plperl and
>> plperlu. I was wondering how it implements the important security
>> difference or, in case it is not handled and both are in fact the
>> same, who ignored this IMHO important difference in the naming
>> convention of procedural languages.
>>
>>
>> Jan
>>

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #