public inbox for [email protected]
help / color / mirror / Atom feedFrom: Bob <[email protected]>
To: [email protected]
Subject: Minor changed needed to doc on untrusted pl/perl example
Date: Fri, 21 Oct 2005 13:06:05 -0500
Message-ID: <[email protected]> (raw)
I know this is minor but we all long for perfection.:)
The current doc shows
37.5. Trusted and Untrusted PL/Perl
Normally, PL/Perl is installed as a "trusted" programming language named
plperl. In this setup, certain Perl operations are disabled to preserve
security. In general, the operations that are restricted are those that
interact with the environment. This includes file handle operations, require,
and use (for external modules). There is no way to access internals of the
database server process or to gain OS-level access with the permissions of
the server process, as a C function can do. Thus, any unprivileged database
user may be permitted to use this language.
Here is an example of a function that will not work because file system
operations are not allowed for security reasons:
CREATE FUNCTION badfunc() RETURNS integer AS $$
open(TEMP, ">/tmp/badfile");
print TEMP "Gotcha!\n";
return 1;
$$ LANGUAGE plperl;
I believe the code snippet should look like this for it to work correctly:
CREATE FUNCTION badfunc() RETURNS integer AS $$
open(TEMP, ">/tmp/badfile");
print TEMP "Gotcha!\n";
close(TEMP);
return 1;
$$ LANGUAGE plperl;
view thread (2+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected]
Subject: Re: Minor changed needed to doc on untrusted pl/perl example
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox