Re: Possible major bug in PlPython (plus some other ideas)

Tom Lane <tgl@sss.pgh.pa.us> writes:

> Hannu Krosing <hannu@tm.ee> writes:
> >> However, the default behavior of the restricted execution environment
> >> being used allows read-only filesystem access.
> 
> > we have 'read-only filesystem access anyhow' :
> 
> > pg72b2=# create table hack(row text);
> > CREATE
> > pg72b2=# copy hack from '/home/pg72b2/data/pg_hba.conf' DELIMITERS
> > '\01';
> 
> Only if you're superuser, which is exactly the point of the trusted
> vs untrusted function restriction.  The plpython problem lets
> non-superusers read any file that the postgres user can read, which
> is not cool.

If a fix is made, will it be backported to the 7.1 branch so vendors
can upgrade their packages if this is necesarry?

-- 
Trond Eivind Glomsrød
Red Hat, Inc.