From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | plperl Safe restrictions |
Date: | 2004-10-14 19:09:42 |
Message-ID: | 416ECEF6.20704@dunslane.net |
Lists: | pgsql-hackers pgsql-patches |
It has just been brought to my attention that we are being very
restrictive about what we allow to be done in trusted plperl. Basically
we allow the :default and :base_math set of operations (run perldoc
Opcode or see http://www.perldoc.com/perl5.8.0/lib/Opcode.html for
details of what these mean). In particular, we do not allow calls to
perl's builtin sort, which is unpleasant, and on reviewing the list it
seems to me we could quite reasonably allow access to pack and unpack
also. bless and sprintf are also likely candidates for inclusion - I
have not finished reviewing the list, and would welcome advice from perl
gurus on this.

On the other side, I think we should exclude the :base_io set which is
part of the :default set (we don't want trusted plperl writing to
stdout, for example - all IO should be forbidden).

I know changing this at this stage of the dev cycle is bad, but I think
it ought to be done. Unless there are loud squawks I will submit a patch
RSN. It should be very low risk - one or two lines.

cheers

andrew
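
An added example, not part of the original message and not plperl's own code: a stand-alone Perl script that compares the operator mask the message describes with the one it proposes, using the core Opcode and Safe modules, and then probes both masks in a compartment. The probe snippets and helper names are constructed for illustration, and the output depends on the installed Opcode version, since tag membership can change between Perl releases.

```perl
#!/usr/bin/perl
# Added example (not plperl source): audit an Opcode mask change before applying it.
use strict;
use warnings;
use Opcode qw(opset opset_to_ops);
use Safe;

# Mask the message describes as currently in force for trusted plperl.
my @current  = (':default', ':base_math');
# Mask the message proposes: remove :base_io, add the candidate ops it names.
my @proposed = (@current, '!:base_io', qw(sort pack unpack bless sprintf));

# Expand a list of tags and op names into a lookup of permitted op names.
sub allowed_ops {
    my %ops = map { $_ => 1 } opset_to_ops(opset(@_));
    return \%ops;
}

# Compile and run one snippet in a fresh compartment restricted to the mask.
# A forbidden op is trapped at compile time, so the snippet never executes.
sub try_in_compartment {
    my ($code, @mask) = @_;
    my $cpt = Safe->new;
    $cpt->permit_only(@mask);
    my $result = $cpt->reval($code);
    my $err = $@;
    chomp $err;
    return $err ? "denied ($err)" : "ok ($result)";
}

# 1. Per-operator difference between the two masks.
my ($before, $after) = (allowed_ops(@current), allowed_ops(@proposed));
my %all = (%$before, %$after);
for my $op (sort keys %all) {
    next if ($before->{$op} // 0) == ($after->{$op} // 0);
    printf "%-10s %s\n", $op, $after->{$op} ? 'newly permitted' : 'newly denied';
}

# 2. Constructed probes run under each mask.
my @probes = (
    [ 'sort'        => q{join ',', sort qw(c a b)} ],
    [ 'pack/unpack' => q{join ',', unpack('C*', pack('A2', 'hi'))} ],
    [ 'print'       => q{print ''; 1} ],
);
for my $probe (@probes) {
    my ($name, $code) = @$probe;
    printf "%-12s current:  %s\n", $name, try_in_compartment($code, @current);
    printf "%-12s proposed: %s\n", $name, try_in_compartment($code, @proposed);
}
```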