[HACKERS] [PATCH] Add _PG_init to PL language handler documentation

2010-05-25 Thread Jonathan Leto
Howdy,

This tiny doc patch adds _PG_init to the skeleton example code for a
PL. The information is quite valuable to PL authors, who might miss it
when it is described in the shared library documentation.

This patch was based off of 6e2ba96 in the git mirror and a colorized
diff can be viewed here:

http://github.com/leto/postgres/commit/a9e265a7f55a0605fb4c6135f0f689c8b89e9623

Duke

-- 
Jonathan "Duke" Leto
jonat...@leto.net
http://leto.net


pginit.patch
Description: Binary data

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers


Re: [HACKERS] Specification for Trusted PLs?

2010-05-21 Thread Jonathan Leto
Howdy,

On Fri, May 21, 2010 at 11:21 AM, Tom Lane wrote:
> Robert Haas writes:
>> So... can we get back to coming up with a reasonable
>> definition,
>
> (1) no access to system calls (including file and network I/O)
>
> (2) no access to process memory, other than variables defined within the
> PL.
>
> What else?

I ran across this comment in PL/Perl while implementing PL/Parrot, and
I think it should be taken into consideration for the definition of
trusted/untrusted:

/*
 * plperl.on_plperl_init is currently PGC_SUSET to avoid issues whereby a
 * user who doesn't have USAGE privileges on the plperl language could
 * possibly use SET plperl.on_plperl_init='...' to influence the behaviour
 * of any existing plperl function that they can EXECUTE (which may be
 * security definer). See
 * http://archives.postgresql.org/pgsql-hackers/2010-02/msg00281.php and
 * the overall thread.
 */

Duke

-- 
Jonathan "Duke" Leto
jonat...@leto.net
http://leto.net
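
A defender-side check of the property the quoted PL/Perl comment relies on, as an added example that is not part of the original message or of the PostgreSQL source. It assumes a superuser psql session on a server with PL/Perl installed, and uses only standard catalogs (pg_settings, pg_proc, pg_language, pg_namespace).

```sql
-- Custom settings such as plperl.* only show up in pg_settings once the
-- module has been loaded into the session.
LOAD 'plperl';

-- 1. Confirm who may change each plperl.* setting.
--    pg_settings.context reports the GUC context; a PGC_SUSET setting is
--    shown as 'superuser', a PGC_USERSET setting as 'user'.
SELECT name, context, setting
FROM   pg_settings
WHERE  name LIKE 'plperl.%'
ORDER  BY name;

-- 2. List the functions the comment is worried about: PL/Perl functions
--    marked SECURITY DEFINER, which run with their owner's privileges.
--    A NULL proacl means default privileges, i.e. EXECUTE granted to PUBLIC.
SELECT n.nspname                   AS schema,
       p.proname                   AS function,
       l.lanname                   AS language,
       pg_get_userbyid(p.proowner) AS runs_as,
       p.proacl                    AS execute_acl
FROM   pg_proc p
JOIN   pg_language  l ON l.oid = p.prolang
JOIN   pg_namespace n ON n.oid = p.pronamespace
WHERE  l.lanname IN ('plperl', 'plperlu')
AND    p.prosecdef
ORDER  BY n.nspname, p.proname;

-- 3. Any plperl.* setting that an ordinary role can change ('user'
--    context) applies inside the functions listed by query 2 as well,
--    so review those settings together with that list.
SELECT name
FROM   pg_settings
WHERE  name LIKE 'plperl.%'
AND    context = 'user';
```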
