Re: Possible major bug in PlPython (plus some other ideas)

From: Kevin Jacobs <jacobs(at)penguin(dot)theopalgroup(dot)com>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bradley McLean <brad(at)bradm(dot)net>, <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Possible major bug in PlPython (plus some other ideas)
Date: 2001-11-17 19:47:32
Message-ID: Pine.LNX.4.33.0111171445150.17519-100000@penguin.theopalgroup.com
Lists: pgsql-hackers

On Sat, 17 Nov 2001, Bruce Momjian wrote:
> Has this all been addressed? Are there any TODO items here?

All of the security-related _problems_ that affect the rest of 7.2 have been
solved, to the best of my knowledge. The discussion below pertains to adding
an additional untrusted mode like plperl has. Since this is a new feature,
it is on the TODO list for 7.3.

Regards,
-Kevin Jacobs

>
> ---------------------------------------------------------------------------
>
> > Bradley McLean <brad(at)bradm(dot)net> writes:
> > > (Everyone) Would a patch to add trusted language support be accepted
> > > for 7.2, or is it too late?
> >
> > I think the code in there already is the trusted case, no? The addition
> > would be an untrusted mode for plpython.
> >
> > trusted = language handler prevents security violations, so unprivileged
> > users are allowed to define functions in the language (ie, we trust the
> > language itself to prevent security breaches)
> >
> > untrusted = language allows user to access things outside database,
> > so only Postgres superusers are allowed to define functions in the
> > language (ie, we must trust the function author instead of the language)
> >
> > In any case, a second security level in plpython would clearly be a new
> > feature, and so I'd say it's too late to consider it for 7.2. All that
> > we want to do at this point is verify Kevin's proposed patch for the
> > existing security level. But certainly a "plpythonu" addition would
> > be welcome for 7.3.
> >
> > regards, tom lane

--
Kevin Jacobs
The OPAL Group - Enterprise Systems Architect
Voice: (216) 986-0710 x 19 E-mail: jacobs(at)theopalgroup(dot)com
Fax: (216) 986-0714 WWW: http://www.theopalgroup.com
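
The trusted/untrusted rule quoted in the message above can be checked against a running server's catalogs. This is an added example, not part of the original thread; it assumes a current PostgreSQL release (catalog columns `lanpltrusted`, `lanowner`, `rolsuper`, `prosecdef`), not the 7.2 catalogs under discussion.

```sql
-- Added example: audit of procedural-language trust settings.
-- Assumes current PostgreSQL system catalogs.

-- 1. Installed languages and whether each one is marked trusted.
--    An untrusted language (lanpltrusted = false) relies on the function
--    author, not the language handler, to prevent security violations.
SELECT l.lanname       AS language_name,
       l.lanpltrusted  AS is_trusted,
       r.rolname       AS language_owner
FROM pg_language AS l
JOIN pg_roles    AS r ON r.oid = l.lanowner
ORDER BY l.lanpltrusted, l.lanname;

-- 2. Functions written in an untrusted language whose current owner is
--    not a superuser. Only superusers may define such functions, so a row
--    here means ownership was reassigned or the owner's superuser status
--    was removed after creation. Each row deserves review, and rows with
--    security_definer = true deserve it first, because those functions
--    run with the owner's privileges.
SELECT n.nspname   AS schema_name,
       p.proname   AS function_name,
       l.lanname   AS language_name,
       r.rolname   AS function_owner,
       p.prosecdef AS security_definer
FROM pg_proc      AS p
JOIN pg_language  AS l ON l.oid = p.prolang
JOIN pg_namespace AS n ON n.oid = p.pronamespace
JOIN pg_roles     AS r ON r.oid = p.proowner
WHERE NOT l.lanpltrusted
  AND NOT r.rolsuper
ORDER BY p.prosecdef DESC, n.nspname, p.proname;
```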
