| From: | msteele(at)inet-interactif(dot)com |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | plperl woes |
| Date: | 2001-03-06 03:13:23 |
| Message-ID: | 3AA455D3.BB164271@inet-interactif.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hey folks,
I've got quick question. Let's suppose that I'm running postgres
on a machine that's behind a firewall, and have restricted access
to the database server to the local networks. Let's further suppose
I wanted to use plperl as a _complete_ interpreter, without using
the Safe/Opcode stuff, in other words how can I make something
like this work:
CREATE FUNCTION myfunc (TEXT,TEXT) returns TEXT AS '
use strict;
use Crypt::CBC;
my $cipher = new Crypt::CBC(shift,'IDEA');
return $cipher->encrypt(shift);
' LANGUAGE 'plperl';
Or any other arbitrary perl module/function. I know I'm going to get
alot of 'security risks, etc', but I am aware of the
risks, there aren't any users on the box apart from myself,
there never will be. I don't plan on allowing anyone access
to the machine apart from _one_ program which I will audit
for security holes, and this program will filter input
to my newly created functions to avoid possible DOS attacks.
Is there a patch out there that will make plperl 'unsafe' for
people who know what they are doing and don't need the taint
checks? I've tried playing around with plperl.c, but I don't
know enough C to make it work.
Regards,
--
Mark Steele
Vice president research and development
Inet Technologies Inc.
msteele(at)inet-interactif(dot)com
010110010110111101110101001000000110000101110010011001010010000001100100011101010110110101100010
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bell John | 2001-03-06 03:19:37 | Problem re Set Like Structures |
| Previous Message | Tom Lane | 2001-03-06 02:46:17 | Re: MySQLs Describe emulator! |