On Thu, May 27, 2010 at 11:23:44AM -0400, Bruce Momjian wrote:
> Tom Lane wrote:
> > Joshua Tolley <eggyk...@gmail.com> writes:
> > > Agreed. As long as a trusted language can do things outside the
> > > database only by going through a database and calling some
> > > function to which the user has rights, in an untrusted language,
> > > that seems decent to me. A user with permissions to
> > > launch_missiles() would have a function in an untrusted language
> > > to do it, but there's no reason an untrusted language shouldn't
> > > be able to say "SELECT
> > 
> > s/untrusted/trusted/ here, right?
> One thing that has always bugged me is that the use of
> "trusted/untrusted" for languages is confusing, because it is
> "trusted" users who can run untrusted languages.  I think "trust" is
> more associated with users than with software features.  I have no
> idea how this confusion could  be clarified.

Sadly, I don't think it could short of a time machine.  We're stuck
with an backward convention. :(

David Fetter <da...@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fet...@gmail.com
iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to