Re: Safe security

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: jd@commandprompt.com
Cc: Tim Bunce <Tim.Bunce@pobox.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2010-03-04T00:01:56Z
Lists: pgsql-hackers

Joshua D. Drake wrote:
> On Wed, 2010-03-03 at 11:33 -0500, Andrew Dunstan wrote:
>
>   
>>>   
>>>       
>> Well, we could put in similar weasel words I guess. But after all, 
>> Safe's very purpose is to provide a restricted execution environment, no?
>>     
>
> We already do, in our license.
>
>
>   


True. I think the weasel formula I prefer here is a bit different. It 
might be reasonable to say something along the lines of:

    To the extent it is prevented by the Perl Safe module, there is no
    way provided to access internals of the database server process or
    to gain OS-level access with the permissions of the server process,
    as a C function can do.


cheers

andrew