Re: Add on_trusted_init and on_untrusted_init to plperl [PATCH]

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Tim Bunce <Tim.Bunce@pobox.com>, pgsql-hackers@postgresql.org
Date: 2010-01-28T17:02:49Z
Lists: pgsql-hackers

Tom Lane wrote:
>
> Isn't it a security hole if on_trusted_init is USERSET?  That means
> an unprivileged user can determine what will happen in plperlu.
> SUSET would be saner.
>   

ITYM on_untrusted_init.

cheers

andrew