> I've worked with the Pl/Python code in the past and will see about removing

> rexec and making it an untrusted language. Last time I looked, it didn't > look particularly difficult. I've set aside some time next week, so stay > tuned. Attached is a patch that removes all of the RExec code from plpython from the current PostgreSQL CVS. In addition, plpython needs to be changed to an untrusted language in createlang. Please let me know if there are any problems. Kevin Jacobs
author: Bruce Momjian <bruce@momjian.us> 2003-06-25 01:18:58 +0000
committer: Bruce Momjian <bruce@momjian.us> 2003-06-25 01:18:58 +0000
commit: afb17d912b4cb39dc31346dbb1d4816d5d0d687c (patch)
tree: 067cb0cb7958696a386084e24c47c70525c5cd9a /src/pl/plpython/plpython_error.sql
parent: b24a0293cc867ec0ad0a924ae976cc6ab9d12f90 (diff)
1 files changed, 2 insertions, 6 deletions
diff --git a/src/pl/plpython/plpython_error.sql b/src/pl/plpython/plpython_error.sql
index 0cde4df9967..f1939eb8ffb 100644
--- a/src/pl/plpython/plpython_error.sql
+++ b/src/pl/plpython/plpython_error.sql
@@ -9,9 +9,5 @@ SELECT invalid_type_reraised('rick');
 SELECT valid_type('rick');
 
 -- Security sandbox tests
-SELECT read_file('/etc/passwd');
-SELECT write_file('/tmp/plpython','This is very bad');
-SELECT getpid();
-SELECT uname();
-SELECT sys_exit();
-SELECT sys_argv();
+SELECT write_file('/tmp/plpython','Only trusted users should be able to do this!');
+SELECT read_file('/tmp/plpython');
author	Bruce Momjian <bruce@momjian.us>	2003-06-25 01:18:58 +0000
committer	Bruce Momjian <bruce@momjian.us>	2003-06-25 01:18:58 +0000
commit	afb17d912b4cb39dc31346dbb1d4816d5d0d687c (patch)
tree	067cb0cb7958696a386084e24c47c70525c5cd9a /src/pl/plpython/plpython_error.sql
parent	b24a0293cc867ec0ad0a924ae976cc6ab9d12f90 (diff)