| From: | "Sander Steffann" <sander(at)steffann(dot)nl> |
|---|---|
| To: | "Jay O'Connor" <joconnor(at)cybermesa(dot)com>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: plpython? (Was: Re: Damn triggers and NEW) |
| Date: | 2003-06-18 21:06:40 |
| Message-ID: | 003d01c335dd$83c360d0$64c8a8c0@10ww.steffann.nl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
> Yes. I can't see that we have any other alternative. The existing
> plpython won't work at all with newer Python installations, and while
> it'd still work with older ones, it has exactly the same security holes
> that prompted the Python folk to pull rexec. That means it's foolish
> to pretend that it can still be considered a trusted language. So
> I feel we cannot just leave it sit there. Either somebody does the
> legwork to convert it into an untrusted language that doesn't use rexec,
> or it goes. And I don't think any of the core team has the time to do
> that legwork. If there's no plpython user with the commitment to fix
> it, it's history :-(. Any volunteers out there?
Not that I have time to do this, but I realy _need_ plpython in my current
project. So if nobody else will do it I'll have to make/find time... I also
don't have much experience with integrating Python and C, so I would have to
learn that.
I think it would be better if someone with more experience and time would do
this, but if nobody else is available I'll do it.
Sander.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | scott.marlowe | 2003-06-18 21:09:44 | Re: A creepy story about dates. How to prevent it? |
| Previous Message | Yusuf | 2003-06-18 20:58:32 | Performance differences using varchar, char and text |