Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co

Поиск
Список
Период
Сортировка
От Andres Freund
Тема Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co
Дата
Msg-id 20160427030411.hjod6bja6pjnmlab@alap3.anarazel.de
обсуждение исходный текст
Ответ на Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co  (Michael Paquier <michael.paquier@gmail.com>)
Список pgsql-committers
Дерево обсуждения 
On 2016-04-26 22:59:44 -0400, Tom Lane wrote:
> What's the argument that it makes debugging harder?  Especially if
> you aren't using it?

If you try to write a V1 function, but forget or mistype/rename the
function in PG_FUNCTION_INFO_V1, you'll get crashes, at least if you're
lucky.


> I don't particularly buy the "easier exploitation" argument, either.
> You can't create a C function without superuser, and if you've got
> superuser there are plenty of ways to run arbitrary code.

Without pl*u installed, I don't think any of them are as simple as
calling system(). But yea, it's not a very high barrier.

В списке pgsql-committers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: Re: pgsql: Convert contrib/seg's bool-returning SQL functions to V1 call co
Следующее
От: Andres Freund
Дата:
Сообщение: pgsql: Emit invalidations to standby for transactions without xid.