Re: [GENERAL] Security implications of (plpgsql) functions

Joe Conway <mail@joeconway.com>

From: Joe Conway <mail@joeconway.com>
To: Doug McNaught <doug@wireboard.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Bruce Momjian <pgman@candle.pha.pa.us>, Marcin Owsiany <marcin@owsiany.pl>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2002-10-21T16:39:51Z
Lists: pgsql-hackers, pgsql-general
Doug McNaught wrote:
> Solved the halting problem lately?  ;)

nah -- I'll leave that as an exercise for the reader ;-)

> Someone determined to DoS could probably get around any practical
> implementation of your idea, using dummy argument, mutual recursion or
> whatever. 
> 

I see your point. I guess a max recursion limit would be the way to go. 
Probably should be a configurable setting.

Joe