Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, May 21, 2010 at 2:21 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> (1) no access to system calls (including file and network I/O)
>> (2) no access to process memory, other than variables defined within the
>> What else?
> Doesn't subvert the general PostgreSQL security mechanisms? Not sure
> how to formulate that.
As long as you can't do database access except via SPI, that should be
covered. So I guess the next item on the list is no, or at least
restricted, access to functions outside the PL's own language.
regards, tom lane
In response to
pgsql-hackers by date
|Next:||From: Greg Sabino Mullane||Date: 2010-05-21 19:22:00|
|Subject: Re: changed source files.|
|Previous:||From: Tom Lane||Date: 2010-05-21 19:13:22|
|Subject: Re: Specification for Trusted PLs? |