On 2024-05-15 12:08 p.m., William Michels via perl6-users wrote:
I'm wondering if the "trusted" moniker is conferred when a (specified/bespoke)
language version sufficiently sanitizes input?
What you're talking about here and similar has no affect on trusted vs not.
Trusted and untrusted are determined based on fundamental structural differences
of the language implementation.
A trusted language is a fully isolated environment that fundamentally has only
the core language features to write routines that take arguments, return
results, and read from or write to database tables, basically what you can do
with ordinary SQL stored procedures but with a different syntax.
A trusted language can not access anything outside the database in any manner,
such as access the file system or run other programs or access the network or
whatever, since generally this is where the biggest security concerns are. If
you want to do any of those things, that is what the "untrusted" version is for.
The idea is if you stick to the more restricted capabilities of a "trusted"
language, users can be much more confident they are avoiding risks, and they
would be more comfortable using it.
-- Darren Duncan
