Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH]
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Andrew Dunstan <andrew@dunslane.net>
Cc: Tim Bunce <Tim.Bunce@pobox.com>, pgsql-hackers@postgresql.org
Date: 2010-01-28T17:12:58Z
Lists: pgsql-hackers
Andrew Dunstan <andrew@dunslane.net> writes: > Tom Lane wrote: >> Isn't it a security hole if on_trusted_init is USERSET? That means >> an unprivileged user can determine what will happen in plperlu. >> SUSET would be saner. > ITYM on_untrusted_init. Right, sorry, got 'em backwards. regards, tom lane