| From: | JanWieck(at)t-online(dot)de (Jan Wieck) |
|---|---|
| To: | PostgreSQL HACKERS <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Untrusted PL/Tcl? |
| Date: | 2000-07-18 11:36:22 |
| Message-ID: | 200007181136.NAA10871@hot.jw.home |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
there have been a couple of questions WRT doing untrustable
things like file access, LDAP and the like from inside of
triggers or functions.
Tcl is a powerful language and could do all that, but the
interpreter used in PL/Tcl is a safe one, because it is a
trusted procedural language (any non-superuser can create
functions). I think it should be pretty easy to build a
second PL handler into the module, that executes the
procedures in a full featured Tcl interpreter, that has all
capabilities. This one would be installed as an untrusted PL,
so only DB superusers could create functions in that
language.
Should I go for it and if so, how should this language be
named?
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Larry Rosenman | 2000-07-18 11:50:25 | Re: Update: mac.c update, patch now on ftp |
| Previous Message | Jan Wieck | 2000-07-18 11:27:15 | Re: pltcl regress test? |