"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
> What does enabling plpgsql do via access that you can't just do from an
> SQL query?
SQL isn't Turing-complete --- plpgsql is. So if our would-be hacker has
a need to do some computation incidental to his hack, he can certainly
get it done in plpgsql, but not necessarily in plain SQL.
I don't feel a need to offer specific examples as requested by Andrew.
The point here is that we're offering a significantly more powerful
swiss army knife when we include plpgsql (or any other PL), and it's
hard to foresee the implications of that with any certainty.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
