Martijn van Oosterhout wrote:
> On Wed, Jun 28, 2006 at 12:03:40PM +0200, Thomas Hallgren wrote:
>
>> OK. I thought you always had a type descriptor handy when reading the
>> binary representation. I've noticed that the typmod is expected in some
>> receive functions (bpcharrecv and numeric_recv for instance). Are you
>> saying that there are times when you don't use that?
>>
>
> The input functions get it, the output functions (bpcharout,
> bpcharsend, etc) don't. Which makes it kind of hard to print a raw
> value if you don't know how long it's going to be. They used to, but
> that was removed some time back. It's a security issue IIRC, since any
> user could call raw_out(field, 2048) and get whatever was in the 2K of
> data after that field.
>
>
A user that is trusted with installing a C-function in the backend is
free to scan the process memory anyway so in what way did that increase
the security? IMHO, the only relevant security in that context is to
have trusted people install trusted modules. I'm surprised that
something like that made you remove significant functionality.
Regards,
Thomas Hallgren