Re: [HACKERS] Updating column on row update
Andrew Dunstan <andrew@dunslane.net>
From: Andrew Dunstan <andrew@dunslane.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Thom Brown <thombrown@gmail.com>, Robert Haas <robertmhaas@gmail.com>, Craig Ringer <craig@postnewspapers.com.au>, Scott Marlowe <scott.marlowe@gmail.com>, PGSQL Mailing List <pgsql-general@postgresql.org>, pgsql-hackers@postgresql.org
Date: 2009-11-23T15:28:35Z
Lists: pgsql-hackers, pgsql-general
Tom Lane wrote: > Thom Brown <thombrown@gmail.com> writes: > >> As for having plpgsql installed by default, are there any security >> implications? >> > > Well, that's pretty much exactly the question --- are there? It would > certainly make it easier for someone to exploit any other security > weakness they might find. I believe plain SQL plus SQL functions is > Turing-complete, but that doesn't mean it's easy or fast to write loops > etc in it. > > > That's a bit harder argument to sustain now we have recursive queries, ISTM. cheers andrew