Quick Links

Re: Possible major bug in PlPython (plus some other ideas)

From:	Hannu Krosing <hannu(at)tm(dot)ee>
To:	Kevin Jacobs <jacobs(at)penguin(dot)theopalgroup(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Possible major bug in PlPython (plus some other ideas)
Date:	2001-11-09 17:06:17
Message-ID:	3BEC0D09.B7D1D4D0@tm.ee
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Kevin Jacobs wrote:
>
> > > 1) If Plpython is installed as a trusted language, and from what little I
> > > can glean from the documentation, it should not have any filesystem access.
> > > However, the default behavior of the restricted execution environment
> > > being used allows read-only filesystem access.
> >
> > we have 'read-only filesystem access anyhow' :
>
> Then I consider this a bug if a non-super-user can do this.

It's not that bad - only postgresql superuser can use copy to/from file
.

-------------
Hannu

In response to

Re: Possible major bug in PlPython (plus some other ideas) at 2001-11-09 16:32:44 from Kevin Jacobs

Responses

Re: Possible major bug in PlPython (plus some other ideas) at 2001-11-09 18:32:11 from Kevin Jacobs

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Peter Eisentraut	2001-11-09 18:07:30	Re: MD5-based passwords
Previous Message	Tom Lane	2001-11-09 17:04:12	Re: Call for objections: revision of keyword classification