| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Joshua Kramer <josh(at)bitbuckets(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Security implications of untrusted triggers |
| Date: | 2006-01-12 18:56:00 |
| Message-ID: | 19340.1137092160@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Joshua Kramer <josh(at)bitbuckets(dot)com> writes:
> I am writing a couple of Perl modules that talk to the outside world: one
> talks to a database (via DBI), and one talks to a Jabber/XMPP server. I
> want to use these from within a Trigger.
This is most likely a bad idea for reasons that have nothing to do with
security. Consider what happens when the trigger executes and later in
the transaction there's an error, causing the whole transaction to roll
back. Now the outside world has changed state and your database has
not.
It's usually better to have an application process that is in charge of
monitoring database state and updating external stuff to match. See the
archives for many previous discussions of this point.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Angshu Kar | 2006-01-12 18:58:11 | MAX without FROM |
| Previous Message | Tom Lane | 2006-01-12 18:51:38 | Re: Plans for 8.2? |