| From: | "Marko Kreen" <markokr(at)gmail(dot)com> |
|---|---|
| To: | "Erik Jones" <erik(at)myemma(dot)com> |
| Cc: | "Stuart Bishop" <stuart(at)stuartbishop(dot)net>, "Alexandre da Silva" <simpsomboy(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: plpythonu |
| Date: | 2008-01-18 20:34:24 |
| Message-ID: | e51f66da0801181234u739db0c4u98309e9ffcbe91e0@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 1/18/08, Erik Jones <erik(at)myemma(dot)com> wrote:
> On Jan 18, 2008, at 7:48 AM, Stuart Bishop wrote:
> > plpython !=3D plpythonu.
> >
> > plpython was the 'secure' sandboxed version. The Python devs gave up
> > supporting any sort of sandboxing feature in Python declaring it
> > impossib=
> > le.
>
> Someone should definitely take a look at this: http://
> sayspy.blogspot.com/2007/05/i-have-finished-securing-python.html
>
> That guy claims he's locked down the python interpreter there.
Interesting. But the problem has never been in locking down
the interpreter vX.Y, but locking down interpreter vX.Y+1, when
previously work was done on vX.Y. Without upstream developers
cooperation this has been too painful.
So the interesting thing in the posting is not that he succeeded
locking Python down, but that he is pushing the patch to core.
--
marko
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-01-18 20:34:39 | Re: Stupid question about WAL archiving |
| Previous Message | Tom Lane | 2008-01-18 20:29:52 | Re: Postgresql 8.2.4 on linux-sparc problem |