Tom Lane wrote:
This is a non-issue in PL/Java. An integer parameter is never passed by
reference and there's no way the PL/Java user can get direct access to
backend memory.
So what exactly does happen when the user deliberately specifies wrong
typlen/typbyval/typalign info when creati
Thomas Hallgren <[EMAIL PROTECTED]> writes:
> Tom Lane wrote:
>> The problem that we've seen in the past shows up when the user lies in
>> the CREATE TYPE command, specifying type representation properties that
>> are different from what the underlying functions expect.
> This is a non-issue in PL
Tom Lane wrote:
Thomas Hallgren <[EMAIL PROTECTED]> writes:
Tom, could you please elaborate where you see a security hole?
The problem that we've seen in the past shows up when the user lies in
the CREATE TYPE command, specifying type representation properties that
are different from w
> "Tom" == Tom Lane <[EMAIL PROTECTED]> writes:
>> Tom, could you please elaborate where you see a security hole?
Tom> The problem that we've seen in the past shows up when the user
Tom> lies in the CREATE TYPE command, specifying type representation
Tom> properties that are different fro
Thomas Hallgren <[EMAIL PROTECTED]> writes:
> Tom, could you please elaborate where you see a security hole?
The problem that we've seen in the past shows up when the user lies in
the CREATE TYPE command, specifying type representation properties that
are different from what the underlying functio
It seems perfectly safe to me too for the reason that Kris mentions.
Tom, could you please elaborate where you see a security hole?
Regards,
Thomas Hallgren
Tom Lane wrote:
Kris Jurka <[EMAIL PROTECTED]> writes:
On Wed, 30 Jul 2008, Alvaro Herrera wrote:
I do agree that creating base