Tom Lane wrote:
Andrew Dunstan <[EMAIL PROTECTED]> writes:
Do we want to backport tighter security for plperl? In particular, insisting on Safe.pm >= 2.09 and removing the :base_io set of ops?
I'd vote not: 7.4.5 => 7.4.6 is not an update that people would expect to break their plperl code ...
*shrug* OK. Then plperl should probably not be regarded as being as "trusted" as we would like. Note that old versions of Safe.pm have been the subject of security advisories such as this one http://www.securityfocus.com/bid/6111/info/ for some time.
cheers
andrew
---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
