| From: | Kris Jurka <books(at)ejurka(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgreSQL(dot)org, pljava-dev(at)pgfoundry(dot)org |
| Subject: | Re: Should creating a new base type require superuser status? |
| Date: | 2008-07-31 19:45:13 |
| Message-ID: | Pine.BSO.4.64.0807311543170.14232@leary.csoft.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pljava-dev |
On Wed, 30 Jul 2008, Alvaro Herrera wrote:
> I think being able to return cstring from a user defined function is
> quite dangerous already. I doubt we would ever give that capability to
> non-superusers.
>
> I do agree that creating base types should require a superuser though.
> It too seems dangerous just on principle, even if today there's no
> actual hole (that we already know of).
pl/java already allows non-superusers to create functions returning
cstring and base types built off of these functions. It seems safe to me
if pl/java is doing the construction of cstring from a user provided
java.lang.String.
http://wiki.tada.se/display/pljava/Creating+a+Scalar+UDT+in+Java
Kris Jurka
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Fetter | 2008-07-31 20:06:07 | Re: Fixing DISTINCT ON for duplicate keys |
| Previous Message | Tom Lane | 2008-07-31 19:10:35 | Re: Fixing DISTINCT ON for duplicate keys |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-07-31 21:23:14 | Re: Should creating a new base type require superuser status? |
| Previous Message | Andrew Sullivan | 2008-07-31 08:39:47 | Re: Should creating a new base type require superuser status? |