| From: | Kenneth Marshall <ktm(at)it(dot)is(dot)rice(dot)edu> |
|---|---|
| To: | Keith Worthington <keithw(at)narrowpathinc(dot)com> |
| Cc: | PostgreSQL Interfaces <pgsql-interfaces(at)postgresql(dot)org> |
| Subject: | Re: plperl user function |
| Date: | 2005-04-22 12:41:30 |
| Message-ID: | 20050422124130.GB14229@it.is.rice.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-interfaces |
Keith,
The untrusted language function is not neccessarily any less
secure than the trusted language function. You just need to
vet the function more carefully because it is allowed access
to the local filesystem and other system functions. Once the
function is created, only those who are given execute permission
can run it.
Ken
On Fri, Apr 22, 2005 at 08:29:39AM -0400, Keith Worthington wrote:
>
> > > This leaves me with two questions.
> > > 1) Why can I not use "use strict;" or "use warnings;" as they are
> > > apparently good perl programming practice. I say apparently
> > > because if you remember I started learning this language 3 days
> > > ago and must be considered a neophyte. :-)
>
> > You can't use "use" instruction for security reason. All disk access
> > are denied and use need a disk access.
> >
> > I think you need to use plperlu.
>
> Yes. That fixed my use problems. I am not sure I like the idea of using an
> untrusted language. I wonder if it causes a potential security issue.
>
> > 2) What is wrong with the use of RETURN?
>
> According to Michael (whose email I can't access at the moment) it has to be
> lowercase. I never dreamed Perl would be case sensitive but after changing
> the case, voila! :-)
>
> > > Another question: Is there an issue with using the untrusted perl
> > > language?
> >
> > IIRC you have to be a postgresql superuser (postgres) to execute an
> > untrusted language function.
>
> I just tested the untrusted function using a normal user and it worked.
>
> > > If the code is tested and working is there any real reason to
> > > continue to have "use strict;" and "use warnings;" in the function?
> >
> > Only for manageability in the future.
>
> Hmmm well I have this gut feeling that it is better to use a trusted language
> than an untrusted one but I have no idea if that is supported by fact. My
> inclination is that now that the function is working and tested that I should
> comment out the two "use" commands and recreate the function with the trusted
> version.
>
> Kind Regards,
> Keith
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sean Davis | 2005-04-22 13:18:10 | Re: plperl user function |
| Previous Message | Keith Worthington | 2005-04-22 12:29:39 | Re: plperl user function |