| From: | Thomas Hallgren <thhal(at)mailblocks(dot)com> |
|---|---|
| To: | elein <elein(at)varlena(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Interpretation of TRUSTED |
| Date: | 2005-02-08 22:58:46 |
| Message-ID: | thhal-0rtzkArUnxicmWc+Tt5/bJMG7jbYVkv@mailblocks.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
elein wrote:
>An untrusted language is so because of what it can do and cannot do.
>An untrusted language cannot access the filesystem, for example.
>
>WHO writes and runs untrusted and trusted procedures is a different
>thing. It is the security mechanism meant to restrict writting
>and running the functions written in a trusted/untrusted language.
>
>
Ok, that makes a lot of sense. I read the documentation: "3.4.1
Installing Procedural Languages". It is a bit vague on what an untrusted
language should be prevented from doing. "do not allow access to
database server internals or the file system" is what it says. How about
network access? Is there a more canonical definition somewhere that I
can read ?
Regards,
Thomas Hallgren
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-02-08 23:08:58 | Re: Interpretation of TRUSTED |
| Previous Message | elein | 2005-02-08 22:51:10 | Re: Interpretation of TRUSTED |