Very Computer

> I think the code in there already is the trusted case, no?  The addition
> would be an untrusted mode for plpython.

> trusted = language handler prevents security violations, so unprivileged
> users are allowed to define functions in the language (ie, we trust the
> language itself to prevent security breaches)

> untrusted = language allows user to access things outside database,
> so only Postgres superusers are allowed to define functions in the
> language (ie, we must trust the function author instead of the language)

> In any case, a second security level in plpython would clearly be a new
> feature, and so I'd say it's too late to consider it for 7.2.  All that
> we want to do at this point is verify Kevin's proposed patch for the
> existing security level.  But certainly a "plpythonu" addition would
> be welcome for 7.3.

>                    regards, tom lane

> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

> All of the security related _problems_ that affect the rest of 7.2 have been
> solved, to the best of my knowledge. The discussion below pretains to adding
> an additional untrusted mode like plperl has.  Since this is a new feature,
> it is on the TODO list for 7.3.

> ---------------------------------------------------------------------------

> > > (Everyone)  Would a patch to add trusted language support be accepted
> > > for 7.2, or is it too late?

> > I think the code in there already is the trusted case, no?  The addition
> > would be an untrusted mode for plpython.

> > trusted = language handler prevents security violations, so unprivileged
> > users are allowed to define functions in the language (ie, we trust the
> > language itself to prevent security breaches)

> > untrusted = language allows user to access things outside database,
> > so only Postgres superusers are allowed to define functions in the
> > language (ie, we must trust the function author instead of the language)

> > In any case, a second security level in plpython would clearly be a new
> > feature, and so I'd say it's too late to consider it for 7.2.  All that
> > we want to do at this point is verify Kevin's proposed patch for the
> > existing security level.  But certainly a "plpythonu" addition would
> > be welcome for 7.3.

> >                       regards, tom lane

> > ---------------------------(end of broadcast)---------------------------
> > TIP 4: Don't 'kill -9' the postmaster