On Wed, Dec 23, 2020 at 08:24:13PM +0000, PG Doc comments form wrote:
> The following documentation comment has been logged on the website:
>
> Page: https://www.postgresql.org/docs/13/plpython.html
> Description:
>
> Hey all:
> This page & the PL/PERL page are the closest I have seen in the docs about
> trusted versus untrusted languages.
>
> It would be great if we could add a subtopic and 1 or 2 paragraphs on this
> page https://www.postgresql.org/docs/current/xplang.html

Uh, what about this?

	https://www.postgresql.org/docs/13/xplang-install.html

> Possibly outline:
> A) Explain to users what trusted versus untrusted means in terms of language
> extensions.
> 1) Differentiate that from non-risky versus risky
> 2) Explain why, by default, functions written in untrusted languages
> need to be added by superuser.
> B) It would be great to give an example workflow of working with untrusted
> languages
> 1) Developer uses superuser on their own machine or makes the language
> trusted
> 2) Send function to the DBA
> 3) Function goes through security review and testing
> 4) If it passes then the DBA installs in a production DB
> C) An example on how to make a language trusted in a db.

Does that URL need more detail?

--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
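
Added example, not part of the original messages or of the PostgreSQL documentation: a catalog query a DBA could run at the review step of the workflow outlined above. It lists each installed untrusted procedural language together with the functions written in it, and assumes only the standard system catalogs (`pg_language`, `pg_proc`, `pg_namespace`); the output column aliases are chosen for this example.

```sql
-- Added example: inventory of untrusted procedural languages and the
-- functions written in them, for security review before production use.
SELECT l.lanname                         AS language,
       n.nspname                         AS schema_name,
       p.proname                         AS function_name,
       pg_get_function_identity_arguments(p.oid) AS arguments,
       pg_get_userbyid(p.proowner)       AS owner,
       -- SECURITY DEFINER functions run with the owner's privileges,
       -- so they deserve the closest look.
       p.prosecdef                       AS security_definer,
       -- True when any role can call the function (PUBLIC holds EXECUTE).
       has_function_privilege('public', p.oid, 'EXECUTE') AS public_can_execute
FROM pg_language AS l
-- LEFT JOIN keeps an untrusted language in the result even when no
-- function uses it yet (function columns are then NULL).
LEFT JOIN pg_proc      AS p ON p.prolang = l.oid
LEFT JOIN pg_namespace AS n ON n.oid = p.pronamespace
WHERE l.lanispl              -- procedural languages only (skips internal, c, sql)
  AND NOT l.lanpltrusted     -- untrusted: only superusers may create functions
ORDER BY l.lanname, n.nspname, p.proname;
```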