| From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: allow building trusted languages without the untrusted versions |
| Date: | 2022-05-23 17:38:05 |
| Message-ID: | 20220523173805.GB939874@nathanxps13 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, May 23, 2022 at 01:17:08PM -0400, Tom Lane wrote:
> There would probably be some interest in a "--disable-disk-access"
> configure option that did all of this stuff (and some more things
> too), with the aim of locking down *all* known paths to filesystem
> access. I don't see much value in retail options that do some of that.
> In fact, what they might mostly accomplish is to give people a false
> sense of security.
That's a reasonable point. I'll go ahead an explore some options for
something along those lines. A couple of questions immediately come to
mind. For example, should this configuration option just cause these
functions to ERROR, or should it compile them out?
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-05-23 18:20:02 | Re: allow building trusted languages without the untrusted versions |
| Previous Message | vignesh C | 2022-05-23 17:34:03 | Re: Handle infinite recursion in logical replication setup |