From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: allow building trusted languages without the untrusted versions |
Date: | 2022-05-23 18:34:57 |
Message-ID: | 20220523183457.GA940868@nathanxps13 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, May 23, 2022 at 02:20:02PM -0400, Tom Lane wrote:
> Nathan Bossart <nathandbossart(at)gmail(dot)com> writes:
>> That's a reasonable point. I'll go ahead an explore some options for
>> something along those lines. A couple of questions immediately come to
>> mind. For example, should this configuration option just cause these
>> functions to ERROR, or should it compile them out?
>
> Letting them be present but throw error is likely to be far less
> painful than the other way, because then you don't need a separate
> set of SQL-visible object definitions. You could, in fact, imagine
> jacking up an existing database and driving a set of locked-down
> binaries under it --- or vice versa. If there have to be different
> versions of the extension SQL files for the two cases then everything
> gets way hairier, both for developers and users.
Agreed. I'll do it that way.
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2022-05-23 20:23:56 | Re: allow building trusted languages without the untrusted versions |
Previous Message | Tom Lane | 2022-05-23 18:20:02 | Re: allow building trusted languages without the untrusted versions |