The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/13/plpython.html
Description:

Hey all:

This page & the PL/Perl page are the closest I have seen in the docs about trusted versus untrusted languages. It would be great if we could add a subtopic and 1 or 2 paragraphs on this page: https://www.postgresql.org/docs/current/xplang.html

Possible outline:

A) Explain to users what trusted versus untrusted means in terms of language extensions.
   1) Differentiate that from non-risky versus risky
   2) Explain why, by default, functions written in untrusted languages need to be added by superuser.

B) It would be great to give an example workflow of working with untrusted languages
   1) Developer uses superuser on their own machine or makes the language trusted
   2) Send function to the DBA
   3) Function goes through security review and testing
   4) If it passes then the DBA installs in a production DB

C) An example on how to make a language trusted in a db.

Thanks
Steve