Re: plpgsql by default
From | Tom Lane |
---|---|
Subject | Re: plpgsql by default |
Date | |
Msg-id | 10888.1144790402@sss.pgh.pa.us |
In reply to | Re: plpgsql by default (David Fetter <david@fetter.org>) |
Replies |
Re: plpgsql by default
Re: plpgsql by default Re: plpgsql by default Re: plpgsql by default |
List | pgsql-hackers |
David Fetter <david@fetter.org> writes:
> I don't get your not getting this 'cause you're a very smart guy. Are
> you under the impression that an attacker will stop because he has to
> try a few times?

No, I'm saying that having access to a PL renders certain classes of attacks significantly more efficient. A determined attacker with unlimited time may not care, but in the real world, security is relative. You don't have to make yourself an impenetrable target, only a harder target than the next IP address --- or at least hard enough that the attacker's likely to get noticed before he's succeeded. (And certainly, doing anything compute-intensive via recursive SQL functions is not the way to go unnoticed.)

In the end it's only one small component of security, but any security expert will tell you that you take all the layers of security that you can get. If you don't need a given bit of functionality, it shouldn't get installed.

regards, tom lane