Re: plperl Safe restrictions
| От | Tom Lane |
|---|---|
| Тема | Re: plperl Safe restrictions |
| Дата | |
| Msg-id | 10694.1097861227@sss.pgh.pa.us обсуждение |
| Ответ на | Re: plperl Safe restrictions (Andrew Dunstan <andrew@dunslane.net>) |
| Ответы |
Re: plperl Safe restrictions
|
| Список | pgsql-hackers |
Andrew Dunstan <andrew@dunslane.net> writes:
> The question in my mind is "What are we protecting against?" ISTM it is
> the use of the pl as a vector to attack the machine and postgres. Does a
> segfault come into that category? After all, isn't it one of postgres's
> strengths that we can survive individual backends crashing?
Yeah, but a repeatable segfault certainly is an adequate tool for a
denial-of-service attack, since it takes out everyone else's sessions
along with your own. A possibly larger objection is how sure can you be
that the effects will *only* be a segfault, and not say the ability to
execute some user-injected machine code.
regards, tom lane
В списке pgsql-hackers по дате отправления: