Re: Specification for Trusted PLs?

Peter Eisentraut <peter_e@gmx.net>

From: Peter Eisentraut <peter_e@gmx.net>
To: Sam Mason <sam@samason.me.uk>
Cc: pgsql-hackers@postgresql.org
Date: 2010-05-28T12:22:01Z
Lists: pgsql-hackers
On fre, 2010-05-28 at 13:03 +0100, Sam Mason wrote:
> That's not normally a problem.  The conventional way would be to place
> the interpreter in its own sandbox, similar to how Chrome has each tab
> running in its own process.  These processes are protected in a way
> so that the code running inside them can't do any harm--e.g. a ptrace
> jail[1].  This is quite a change from existing pl implementations, and
> present a different set of performance/compatibility issues.

Surely a definition of a trusted language that invalidates the existing
trusted languages is not going help resolve the issue.