On Wed, Feb 3, 2010 at 11:28, Tom Lane <t...@sss.pgh.pa.us> wrote: > Tim Bunce <tim.bu...@pobox.com> writes: >> I do see a need for a GRANT check and I'm adding one now (based on >> the code in CreateFunction() in functioncmds.c - thanks to RhodiumToad >> on IRC for the pointer). > > What exactly are you proposing to check, and where, and what do you > think that will fix?
Non plperl GRANTed people could modify the global $_SHARED variable. Currently anyone that can make a plperl function can do anything they want with $_SHARED. So In my mind disallowing them to set plperl.plperl_safe_init would make the permission model of $_SHARED consistent. No? Now im not saying its a good permission model... -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
