On Wed, Feb 3, 2010 at 11:28, Tom Lane <[email protected]> wrote: > Tim Bunce <[email protected]> writes: >> I do see a need for a GRANT check and I'm adding one now (based on >> the code in CreateFunction() in functioncmds.c - thanks to RhodiumToad >> on IRC for the pointer). > > What exactly are you proposing to check, and where, and what do you > think that will fix?
Non plperl GRANTed people could modify the global $_SHARED variable. Currently anyone that can make a plperl function can do anything they want with $_SHARED. So In my mind disallowing them to set plperl.plperl_safe_init would make the permission model of $_SHARED consistent. No? Now im not saying its a good permission model... -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
