Robert Haas <> writes:
> On Fri, May 21, 2010 at 2:21 PM, Tom Lane <> wrote:
>> (1) no access to system calls (including file and network I/O)
>> (2) no access to process memory, other than variables defined within the
>> PL.
>> What else?

> Doesn't subvert the general PostgreSQL security mechanisms?  Not sure
> how to formulate that.

As long as you can't do database access except via SPI, that should be
covered.  So I guess the next item on the list is no, or at least
restricted, access to functions outside the PL's own language.

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to