From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Steven Pousty <steve(dot)pousty(at)gmail(dot)com>, pgsql-docs(at)lists(dot)postgresql(dot)org |
Subject: | Re: Trusted versus untrusted Pl language |
Date: | 2020-12-24 00:49:22 |
Message-ID: | 20201224004922.GB13055@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-docs |
On Wed, Dec 23, 2020 at 07:38:16PM -0500, Tom Lane wrote:
> Steven Pousty <steve(dot)pousty(at)gmail(dot)com> writes:
> > 3. An example of how to make a pre-installed untrusted langue into a
> > trusted language
>
> Under what circumstances would that be a good idea?
>
> I can't imagine that we'd really want to recommend end users doing
> that, but an example would surely be taken as a recommendation
> that it's okay to do it.
Right. The language has to provide some sandbox environment for us to
consider it safe, e.g. Perl, but not Python. PL/pgSQL is safe since it
doesn't have any interface to external resources.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
From | Date | Subject | |
---|---|---|---|
Next Message | Steven Pousty | 2020-12-24 20:01:25 | Re: Trusted versus untrusted Pl language |
Previous Message | Tom Lane | 2020-12-24 00:38:16 | Re: Trusted versus untrusted Pl language |