Re: PlPython

From: Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: PlPython
Date: 2003-06-26 18:48:41
Message-ID: 20030626204841.B609@hermes.hilbert.loc
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-hackers

>>Now that the rexec code is gone, it MUST be marked untrusted --- this is
>>not a question for debate. Installing it as trusted would be a security
>>hole.
>
> That means that there is something else untrusted in PLPython,
> what is this?
Well, basically everything else.

You are getting this backwards. Making Python a *trusted*
language *requires* something like rexec. Since we don't have
rexec anymore (it never was much good, apparently) we cannot
make Python trusted. Hence we must make it untrusted to keep
it in at all.

The point here is not whether we trust the rest of Python but
whether we have something (like rexec) that restricts the
standard Python. Only if we have that do we define a language
as "trusted".

Things would be different, of course, if an entire language
was restricted by nature. That would be a candidate for a
trusted language without needing specific add-on execution
restriction.

Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Steve Crawford 2003-06-26 19:33:51 Re: How many fields in a table are too many
Previous Message Doug McNaught 2003-06-26 18:45:07 Re: PlPython

Browse pgsql-hackers by date

  From Date Subject
Next Message Austin Gonyou 2003-06-26 19:00:58 Re: Two weeks to feature freeze
Previous Message Thomas Swan 2003-06-26 18:48:01 Re: Two weeks to feature freeze