Re: Specification for Trusted PLs?
Jan Wieck <janwieck@yahoo.com>
From: Jan Wieck <JanWieck@Yahoo.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Joshua Tolley <eggyknap@gmail.com>, David Fetter <david@fetter.org>, Robert Haas <robertmhaas@gmail.com>, Stephen Frost <sfrost@snowman.net>, Magnus Hagander <magnus@hagander.net>, Josh Berkus <josh@agliodbs.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2010-05-21T21:05:10Z
Lists: pgsql-hackers
The original idea was that a trusted language does not allow an unprivileged user to gain access to any object or data, he does not have access to without that language. This does not include data transformation functionality, like string processing or the like. As long as the user had legitimate access to the input datum, then every derived form thereof is OK. Jan -- Anyone who trades liberty for security deserves neither liberty nor security. -- Benjamin Franklin