| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | alex(at)pilosoft(dot)com |
| Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, Michael Fuhr <mike(at)fuhr(dot)org>, Mike Rylander <mrylander(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: DBD::PgSPI 0.02 |
| Date: | 2004-12-06 22:19:48 |
| Message-ID: | 7091.1102371588@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
alex(at)pilosoft(dot)com writes:
> On Mon, 6 Dec 2004, Andrew Dunstan wrote:
>>> . how to turn it on for trusted plperl
>> [ snip ]
> Errr my bad. I keep confusing trusted/untrusted. It does not allow it, nor
> should it.
> The purpose of PgSPI is to write 'middleware' solutions in perl - the idea
> is that you can take a piece of existing client-side code and make a
> server-side stored procedure out of it in a minute without any changes to
> the code.
Sure. But you don't run your middleware as root (I hope ;-)) and you
shouldn't run it in untrusted server-side languages either. I agree
with Andrew that it's important to figure out how to make DBI usable
in trusted plperl. Obviously this isn't happening in time for 8.0,
but it deserves a place on the TODO list.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | alex | 2004-12-06 22:21:52 | Re: DBD::PgSPI 0.02 |
| Previous Message | Martijn van Oosterhout | 2004-12-06 22:15:52 | Re: When to encrypt |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | alex | 2004-12-06 22:21:52 | Re: DBD::PgSPI 0.02 |
| Previous Message | Simon Riggs | 2004-12-06 22:17:53 | Re: V8 Beta 5 on AIX |