Re: Specification for Trusted PLs?
Peter Geoghegan <peter.geoghegan86@gmail.com>
From: Peter Geoghegan <peter.geoghegan86@gmail.com>
To: Stephen Frost <sfrost@snowman.net>
Cc: David Fetter <david@fetter.org>, PG Hackers <pgsql-hackers@postgresql.org>
Date: 2010-05-21T12:55:03Z
Lists: pgsql-hackers
> That's about it- a language is TRUSTED if there's no way for a user to > be able to write a function which will give them access to things > they're not supposed to have. Practically, this includes things like > any kind of direct I/O (files, network, etc). The fact that plpythonu used to be plpython back in 7.3 serves to illustrate that the distinction is not all that well defined. I guess that someone made an executive decision that the python restricted execution environment wasn't restricted enough. Regards, Peter Geoghegan