Re: pl/pgsql enabled by default

From: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: pl/pgsql enabled by default
Date: 2005-05-07 14:56:42
Message-ID: 20050507145642.GA15586@phlogiston.dyndns.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sat, May 07, 2005 at 02:52:57PM +1000, Neil Conway wrote:
>
> So would you have us disable all the non-essential builtin functions?
> (Many of which have has security problems in the past.) What about the
> builtin encoding conversions, non-btree indexes, or a myriad of features
> that not all users need or use?

This is not really analogous, because those are already on (and in
most cases, not easily disabled). What you're arguing for is to add
yet another on-by-default feature. Given that there's already a way
to turn it on, why make it automatic? Moreover, if some repackager
wants to make this more convenient, s/he can do so by turning it on
by default. I don't see what's wrong with conservatism here.

> What makes sense for the default configuration of an operating system
> (which by nature must be hardened against attack) does not necessarily
> make sense for a database system.

Indeed. But that doesn't mean that the principle isn't sound for
both cases. I haven't seen an argument against that yet.

A

--
Andrew Sullivan | ajs(at)crankycanuck(dot)ca
The plural of anecdote is not data.
--Roger Brinner

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2005-05-07 14:58:09 Re: Patch for collation using ICU
Previous Message Bruce Momjian 2005-05-07 14:34:24 Re: Patch for collation using ICU