| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Steven Pousty <steve(dot)pousty(at)gmail(dot)com> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Pg Docs <pgsql-docs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Trusted versus untrusted Pl language |
| Date: | 2020-12-24 21:26:39 |
| Message-ID: | CAKFQuwacAd2_KhuQiZw-C+7WPkCf3to3B9jSe_WOqa_K8rNc9w@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs |
On Thu, Dec 24, 2020 at 1:01 PM Steven Pousty <steve(dot)pousty(at)gmail(dot)com>
wrote:
> The SQL I am talking about is this:
> UPDATE pg_language SET lanpltrusted = true WHERE lanname LIKE 'plr';
>
You seem to be missing the point. The language is either trusted, or it's
not. Modifying the catalogs is not part of a "good flow", ever. In short,
"don't use trusted languages ever". If a specific requirement can only be
implemented using a trusted language maybe there is a reason to use it - in
development and production (if your DBA will let you) - but more likely you
are better off writing an out-of-database client application and doing the
"trusted" stuff there.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steven Pousty | 2020-12-24 21:35:07 | Re: Trusted versus untrusted Pl language |
| Previous Message | Steven Pousty | 2020-12-24 20:01:25 | Re: Trusted versus untrusted Pl language |