Re: DBD::PgSPI 0.02
| От | Tom Lane |
|---|---|
| Тема | Re: DBD::PgSPI 0.02 |
| Дата | |
| Msg-id | 7091.1102371588@sss.pgh.pa.us обсуждение |
| Ответ на | Re: DBD::PgSPI 0.02 (alex@pilosoft.com) |
| Ответы |
Re: DBD::PgSPI 0.02
|
| Список | pgsql-hackers |
alex@pilosoft.com writes:
> On Mon, 6 Dec 2004, Andrew Dunstan wrote:
>>> . how to turn it on for trusted plperl
>> [ snip ]
> Errr my bad. I keep confusing trusted/untrusted. It does not allow it, nor
> should it.
> The purpose of PgSPI is to write 'middleware' solutions in perl - the idea
> is that you can take a piece of existing client-side code and make a
> server-side stored procedure out of it in a minute without any changes to
> the code.
Sure. But you don't run your middleware as root (I hope ;-)) and you
shouldn't run it in untrusted server-side languages either. I agree
with Andrew that it's important to figure out how to make DBI usable
in trusted plperl. Obviously this isn't happening in time for 8.0,
but it deserves a place on the TODO list.
regards, tom lane
В списке pgsql-hackers по дате отправления: