Re: Specification for Trusted PLs?

Peter Geoghegan <peter.geoghegan86@gmail.com>

From: Peter Geoghegan <peter.geoghegan86@gmail.com>
To: Stephen Frost <sfrost@snowman.net>
Cc: David Fetter <david@fetter.org>, PG Hackers <pgsql-hackers@postgresql.org>
Date: 2010-05-21T12:55:03Z
Lists: pgsql-hackers
> That's about it- a language is TRUSTED if there's no way for a user to
> be able to write a function which will give them access to things
> they're not supposed to have.  Practically, this includes things like
> any kind of direct I/O (files, network, etc).

The fact that plpythonu used to be plpython back in 7.3 serves to
illustrate that the distinction is not all that well defined. I guess
that someone made an executive decision that the python restricted
execution environment wasn't restricted enough.

Regards,
Peter Geoghegan