public inbox for [email protected]
help / color / mirror / Atom feedMinor changed needed to doc on untrusted pl/perl example
2+ messages / 2 participants
[nested] [flat]
* Minor changed needed to doc on untrusted pl/perl example
@ 2005-10-21 18:06 Bob <[email protected]>
0 siblings, 1 reply; 2+ messages in thread
From: Bob @ 2005-10-21 18:06 UTC (permalink / raw)
To: pgsql-docs
I know this is minor but we all long for perfection.:)
The current doc shows
37.5. Trusted and Untrusted PL/Perl
Normally, PL/Perl is installed as a "trusted" programming language named
plperl. In this setup, certain Perl operations are disabled to preserve
security. In general, the operations that are restricted are those that
interact with the environment. This includes file handle operations, require,
and use (for external modules). There is no way to access internals of the
database server process or to gain OS-level access with the permissions of
the server process, as a C function can do. Thus, any unprivileged database
user may be permitted to use this language.
Here is an example of a function that will not work because file system
operations are not allowed for security reasons:
CREATE FUNCTION badfunc() RETURNS integer AS $$
open(TEMP, ">/tmp/badfile");
print TEMP "Gotcha!\n";
return 1;
$$ LANGUAGE plperl;
I believe the code snippet should look like this for it to work correctly:
CREATE FUNCTION badfunc() RETURNS integer AS $$
open(TEMP, ">/tmp/badfile");
print TEMP "Gotcha!\n";
close(TEMP);
return 1;
$$ LANGUAGE plperl;
^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: Minor changed needed to doc on untrusted pl/perl example
@ 2005-10-21 20:51 Michael Fuhr <[email protected]>
parent: Bob <[email protected]>
0 siblings, 0 replies; 2+ messages in thread
From: Michael Fuhr @ 2005-10-21 20:51 UTC (permalink / raw)
To: Bob <[email protected]>; +Cc: pgsql-docs
On Fri, Oct 21, 2005 at 01:06:05PM -0500, Bob wrote:
> CREATE FUNCTION badfunc() RETURNS integer AS $$
> open(TEMP, ">/tmp/badfile");
> print TEMP "Gotcha!\n";
> return 1;
> $$ LANGUAGE plperl;
>
> I believe the code snippet should look like this for it to work correctly:
>
> CREATE FUNCTION badfunc() RETURNS integer AS $$
> open(TEMP, ">/tmp/badfile");
> print TEMP "Gotcha!\n";
> close(TEMP);
> return 1;
> $$ LANGUAGE plperl;
The function should work without an explicit close (or it would,
but for the security check). The file should appear on disk
immediately after the open, although the data might not be flushed
to disk until the file is actually closed, such as when the calling
session's postmaster exits (that's how a plperlu version behaves
on my test system, anyway). Not that I disagree with adding an
explicit close, but the example should still "work" without it.
--
Michael Fuhr
^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2005-10-21 20:51 UTC | newest]
Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2005-10-21 18:06 Minor changed needed to doc on untrusted pl/perl example Bob <[email protected]>
2005-10-21 20:51 ` Michael Fuhr <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox