Skip site navigation (1) Skip section navigation (2)

Re: Should creating a new base type require superuser status?

From: Kris Jurka <books(at)ejurka(dot)com>
To: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgreSQL(dot)org, pljava-dev(at)pgfoundry(dot)org
Subject: Re: Should creating a new base type require superuser status?
Date: 2008-07-31 19:45:13
Message-ID: Pine.BSO.4.64.0807311543170.14232@leary.csoft.net (view raw or flat)
Thread:
Lists: pgsql-hackers

On Wed, 30 Jul 2008, Alvaro Herrera wrote:

> I think being able to return cstring from a user defined function is
> quite dangerous already.  I doubt we would ever give that capability to
> non-superusers.
>
> I do agree that creating base types should require a superuser though.
> It too seems dangerous just on principle, even if today there's no
> actual hole (that we already know of).

pl/java already allows non-superusers to create functions returning 
cstring and base types built off of these functions.  It seems safe to me 
if pl/java is doing the construction of cstring from a user provided 
java.lang.String.

http://wiki.tada.se/display/pljava/Creating+a+Scalar+UDT+in+Java

Kris Jurka

In response to

Responses

pgsql-hackers by date

Next:From: David FetterDate: 2008-07-31 20:06:07
Subject: Re: Fixing DISTINCT ON for duplicate keys
Previous:From: Tom LaneDate: 2008-07-31 19:10:35
Subject: Re: Fixing DISTINCT ON for duplicate keys

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group