From: | Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: PlPython |
Date: | 2003-06-26 18:48:41 |
Message-ID: | 20030626204841.B609@hermes.hilbert.loc |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
>>Now that the rexec code is gone, it MUST be marked untrusted --- this is
>>not a question for debate. Installing it as trusted would be a security
>>hole.
>
> That means that there is something else untrusted in PLPython,
> what is this?
Well, basically everything else.
You are getting this backwards. Making Python a *trusted*
language *requires* something like rexec. Since we don't have
rexec anymore (it never was much good, apparently) we cannot
make Python trusted. Hence we must make it untrusted to keep
it in at all.
The point here is not whether we trust the rest of Python but
whether we have something (like rexec) that restricts the
standard Python. Only if we have that do we define a language
as "trusted".
Things would be different, of course, if an entire language
was restricted by nature. That would be a candidate for a
trusted language without needing specific add-on execution
restriction.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
From | Date | Subject | |
---|---|---|---|
Next Message | Steve Crawford | 2003-06-26 19:33:51 | Re: How many fields in a table are too many |
Previous Message | Doug McNaught | 2003-06-26 18:45:07 | Re: PlPython |
From | Date | Subject | |
---|---|---|---|
Next Message | Austin Gonyou | 2003-06-26 19:00:58 | Re: Two weeks to feature freeze |
Previous Message | Thomas Swan | 2003-06-26 18:48:01 | Re: Two weeks to feature freeze |