Tim Bunce <tim.bu...@pobox.com> writes: > I do see a need for a GRANT check and I'm adding one now (based on > the code in CreateFunction() in functioncmds.c - thanks to RhodiumToad > on IRC for the pointer).
What exactly are you proposing to check, and where, and what do you think that will fix? If the concern is that someone could sabotage the behavior of a plperl function by changing things around in the perl_init script, then I think we have to forget about making it USERSET. Whether someone has been granted permission to use plperl seems to me to have little to do with whether it's okay to mess up a function (possibly a SECURITY DEFINER one) belonging to someone else. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers