Has this all been addressed? Are there any TODO items here?
---------------------------------------------------------------------------
> Bradley McLean <brad@bradm.net> writes:
> > (Everyone) Would a patch to add trusted language support be accepted
> > for 7.2, or is it too late?
>
> I think the code in there already is the trusted case, no? The addition
> would be an untrusted mode for plpython.
>
> trusted = language handler prevents security violations, so unprivileged
> users are allowed to define functions in the language (ie, we trust the
> language itself to prevent security breaches)
>
> untrusted = language allows user to access things outside database,
> so only Postgres superusers are allowed to define functions in the
> language (ie, we must trust the function author instead of the language)
>
> In any case, a second security level in plpython would clearly be a new
> feature, and so I'd say it's too late to consider it for 7.2. All that
> we want to do at this point is verify Kevin's proposed patch for the
> existing security level. But certainly a "plpythonu" addition would
> be welcome for 7.3.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026