Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH]

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Andrew Dunstan <andrew@dunslane.net>
Cc: Tim Bunce <Tim.Bunce@pobox.com>, pgsql-hackers@postgresql.org
Date: 2010-01-28T17:12:58Z
Lists: pgsql-hackers
Andrew Dunstan <andrew@dunslane.net> writes:
> Tom Lane wrote:
>> Isn't it a security hole if on_trusted_init is USERSET?  That means
>> an unprivileged user can determine what will happen in plperlu.
>> SUSET would be saner.

> ITYM on_untrusted_init.

Right, sorry, got 'em backwards.

			regards, tom lane