Re: [HACKERS] Updating column on row update

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Thom Brown <thombrown@gmail.com>, Robert Haas <robertmhaas@gmail.com>, Craig Ringer <craig@postnewspapers.com.au>, Scott Marlowe <scott.marlowe@gmail.com>, PGSQL Mailing List <pgsql-general@postgresql.org>, pgsql-hackers@postgresql.org
Date: 2009-11-23T15:28:35Z
Lists: pgsql-hackers, pgsql-general

Tom Lane wrote:
> Thom Brown <thombrown@gmail.com> writes:
>   
>> As for having plpgsql installed by default, are there any security
>> implications?
>>     
>
> Well, that's pretty much exactly the question --- are there?  It would
> certainly make it easier for someone to exploit any other security
> weakness they might find.  I believe plain SQL plus SQL functions is
> Turing-complete, but that doesn't mean it's easy or fast to write loops
> etc in it.
>
> 			
>   

That's a bit harder argument to sustain now we have recursive queries, ISTM.

cheers

andrew