Tom Lane wrote:
Thom Brown <[email protected]> writes:
As for having plpgsql installed by default, are there any security
implications?
Well, that's pretty much exactly the question --- are there? It would
certainly make it easier for someone to exploit any other security
weakness they might find. I believe plain SQL plus SQL functions is
Turing-complete, but that doesn't mean it's easy or fast to write loops
etc in it.
That's a bit harder argument to sustain now we have recursive queries, ISTM.
cheers
andrew
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
