| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Jon Jensen <jon(at)endpoint(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: plperl Safe restrictions |
| Date: | 2004-10-14 19:44:14 |
| Message-ID: | 416ED70E.3040303@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Jon Jensen wrote:
>On Thu, 14 Oct 2004, Andrew Dunstan wrote:
>
>
>
>>It has just been brought to my attention that we are being very
>>restrictive about what we allow to be done in trusted plperl. Basically
>>we allow the :default and :base_math set of operations (run perldoc
>>Opcode or see http://www.perldoc.com/perl5.8.0/lib/Opcode.html for
>>details of what these mean). In particular, we do not allow calls to
>>perl's builtin sort, which is unpleasant, and on reviewing the list it
>>seems to me we could quite reasonably allow access to pack and unpack
>>also. bless and sprintf are also likely candidates for inclusion - I
>>have not finished reviewing the list, and would welcome advice from perl
>>gurus on this.
>>
>>On the other side, I think we should exclude the :base_io set which is
>>part of the :default set (we don't want trusted plperl writing to
>>stdout, for example - all IO should be forbidden).
>>
>>
>
>That makes sense. Allowing "rand" would be nice too.
>
>
>
>
You can now - it's part of :base_math. What we should do, however, is
disallow is calling srand, since pg goes to quite a bit of trouble to
seed the PRNG.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Helgason | 2004-10-14 19:46:23 | Re: plperl Safe restrictions |
| Previous Message | Jon Jensen | 2004-10-14 19:31:31 | Re: plperl Safe restrictions |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Helgason | 2004-10-14 19:46:23 | Re: plperl Safe restrictions |
| Previous Message | Jon Jensen | 2004-10-14 19:31:31 | Re: plperl Safe restrictions |