On Jan 19, 2010, at 9:26 PM, Andrew Dunstan wrote:
> The first thing I think we need to do is move the GUC processing code out of _PG_init() and into
plperl_init_interp(),protected by a flag to make sure it's only called successfully once. I'm trying to work out a neat
wayto put the value back if there is an exception, but it's a bit ugly.
Will this solve the underlying bug in custom GUCs? I'm assuming there is such a bug. Won't this be an issue for other
modulesthat have custom GUCs, potentially a security issue? The addition of new PL/Perl custom GUCs notwithstanding, it
sureseems like a potential security vulnerability such as this should be addressed ASAP.
Who knows this stuff?
Best,
David