Peter Eisentraut <[EMAIL PROTECTED]> writes:
> The other problem I see emerging here is that in certain environments,
> the "java" language may not be trusted, such as when it is compiled
> with GCJ.
Hmm, is that really the case? I thought Java is Java.
> Then, this built-in template will override the CREATE
> LANGUAGE specification and introduce a security hole.
But it's exactly the same hole the user would create by manually saying
CREATE TRUSTED LANGUAGE in error. I don't think that's a reasonable
argument against the template idea --- it just says that you have to be
aware of what you're doing.
(An appropriate solution, in my mind, would be to drop the trusted call
handler from the shared library if it's built with gcj --- then there's
really no possibility of doing the wrong thing.)
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
