Quick Links

Re: plperl security

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc:	PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, plperlng-devel(at)pgfoundry(dot)org
Subject:	Re: plperl security
Date:	2004-07-05 21:58:05
Message-ID:	4366.1089064685@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> The thing is that unlike TCL we have one interpreter for both trusted
> and untrusted cases.

> My thinking is to factor out all the code that only applies to trusted
> cases from the interpreter init code, and only call it if we try to
> compile a trusted function and it hasn't been run yet. Does that seem
> reasonable?

That would work. You'd need two state flags instead of just one, but
that doesn't seem bad.

Recovering when you get an error is probably the trickiest part of this.

regards, tom lane

In response to

Re: plperl security at 2004-07-05 21:54:50 from Andrew Dunstan

Responses

Re: plperl security at 2004-07-05 22:03:21 from Andrew Dunstan
Re: plperl security at 2004-07-07 13:20:02 from Andrew Dunstan

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	elein	2004-07-05 22:01:04	Re: strange bug in plperl
Previous Message	Andrew Dunstan	2004-07-05 21:54:50	Re: plperl security