Untrusted PL/Tcl?

Jan Wieck <janwieck@t-online.de>

From: JanWieck@t-online.de (Jan Wieck)
To: PostgreSQL HACKERS <pgsql-hackers@postgresql.org>
Date: 2000-07-18T11:36:22Z
Lists: pgsql-hackers
Hi all,

    there  have  been a couple of questions WRT doing untrustable
    things like file access, LDAP and the  like  from  inside  of
    triggers or functions.

    Tcl  is  a  powerful  language and could do all that, but the
    interpreter used in PL/Tcl is a safe one,  because  it  is  a
    trusted  procedural  language  (any  non-superuser can create
    functions). I think it should  be  pretty  easy  to  build  a
    second   PL  handler  into  the  module,  that  executes  the
    procedures in a full featured Tcl interpreter, that  has  all
    capabilities. This one would be installed as an untrusted PL,
    so  only  DB  superusers  could  create  functions  in   that
    language.

    Should  I  go  for  it and if so, how should this language be
    named?


Jan

--

#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me.                                  #
#================================================== JanWieck@Yahoo.com #