[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] plpython in PostgreSQL
|
From: |
Karsten Hilbert |
|
Subject: |
Re: [Gnumed-devel] plpython in PostgreSQL |
|
Date: |
Thu, 19 Jun 2003 13:41:40 +0200 |
|
User-agent: |
Mutt/1.3.22.1i |
> could you explain this a bit more
Procedural languages for PostgreSQL are used to write
functions, triggers and rules. They come in two flavours:
Trusted and untrusted. The trusted version is restricted in
functionality in order to limit its ability to do harmful
things (eg it cannot write to the file system from inside a
trigger). In return it has more access to server internals
than the untrusted version which has far fewer functional
restrictions.
With plpython there's only a trusted version right now. The
trust status is achieved by using the Python rexec mode
(restricted execution). However, this rexec mode is not
supported under Python > 2.1 anymore. Hence, the trusted
version of plpython is in danger of being dropped from
PostgreSQL unless someone makes an untrusted version or
re-implements rexec. The reasons rexec was being dropped from
Python include that it wasn't really secure after all.
For us that means: No depending on Python triggers. Darn.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346