hcq/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2026-02-11 02:17:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

> I've worked with the Pl/Python code in the past and will see about removing

Browse Source 
> rexec and making it an untrusted language.  Last time I looked, it didn't
> look particularly difficult.  I've set aside some time next week, so stay
> tuned.

Attached is a patch that removes all of the RExec code from plpython from
the current PostgreSQL CVS.  In addition, plpython needs to be changed to an
untrusted language in createlang.  Please let me know if there are any
problems.

Kevin Jacobs
This commit is contained in:
Bruce Momjian
2003-06-25 01:18:58 +00:00
parent b24a0293cc
commit afb17d912b
3 changed files with 14 additions and 269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/pl/plpython/plpython_error.sql
View File

@ -9,9 +9,5 @@ SELECT invalid_type_reraised('rick');
SELECT valid_type('rick');
-- Security sandbox tests
SELECT read_file('/etc/passwd');
SELECT write_file('/tmp/plpython','This is very bad');
SELECT getpid();
SELECT uname();
SELECT sys_exit();
SELECT sys_argv();
SELECT write_file('/tmp/plpython','Only trusted users should be able to do this!');
SELECT read_file('/tmp/plpython');