| From: | Cédric Villemain <cedric(dot)villemain(dot)debian(at)gmail(dot)com> |
|---|---|
| To: | Jan Wieck <JanWieck(at)yahoo(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joshua Tolley <eggyknap(at)gmail(dot)com>, David Fetter <david(at)fetter(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Magnus Hagander <magnus(at)hagander(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Specification for Trusted PLs? |
| Date: | 2010-05-22 20:53:49 |
| Message-ID: | AANLkTinpGyNg0cwbzmlgnCKMjekOEN4N6NLJpy0Av2wQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
2010/5/21 Jan Wieck <JanWieck(at)yahoo(dot)com>:
> The original idea was that a trusted language does not allow an unprivileged
> user to gain access to any object or data, he does not have access to
> without that language.
>
> This does not include data transformation functionality, like string
> processing or the like. As long as the user had legitimate access to the
> input datum, then every derived form thereof is OK.
I find the current doc enough, add this prose from Jan as a comment
might help people perhaps.
>
>
> Jan
>
> --
> Anyone who trades liberty for security deserves neither
> liberty nor security. -- Benjamin Franklin
>
> --
> Sent via pgsql-hackers mailing list (pgsql-hackers(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers
>
--
Cédric Villemain
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2010-05-23 00:52:25 | Re: Idea for getting rid of VACUUM FREEZE on cold pages |
| Previous Message | Robert Haas | 2010-05-22 18:42:25 | Re: "unexpected" query behaviour after i change parser code |