Participants
Alex Pilosov
Alex Pilosov
Bruce Momjian
Bruce Momjian
Attachments
Thread Outline
#1Alex PilosovAlex Pilosov
Jun 22, 2001
#2Bruce MomjianBruce Momjianto Alex Pilosov (#1)
Jun 22, 2001

plperl doc

Started by Alex Pilosovover 24 years ago2 messages
#1Alex Pilosov
Alex Pilosov
alex@pilosoft.com
1 attachment(s)

Attached is documentation describing plperlu differences from plperl.

Please apply :)

--
Alex Pilosov | http://www.acedsl.com/home.html
CTO - Acecape, Inc. | AceDSL:The best ADSL in the world
325 W 38 St. Suite 1005 | (Stealth Marketing Works! :)
New York, NY 10018 |

Attachments:

plperldoc.patchtext/plain; charset=US-ASCII; name=plperldoc.patchDownload
Index: doc/src/sgml/plperl.sgml
===================================================================
RCS file: /home/cvs/pgsql/pgsql/doc/src/sgml/plperl.sgml,v
retrieving revision 2.8
diff --unified -r2.8 plperl.sgml
--- doc/src/sgml/plperl.sgml	2001/05/12 22:51:35	2.8
+++ doc/src/sgml/plperl.sgml	2001/06/22 20:31:12
@@ -20,7 +20,8 @@
  </para>
 
  <para>
-  The PL/Perl intepreter is a full Perl interpreter. However, certain
+  The PL/Perl interpreter (when installed as trusted interpreter with 
+  default name 'plperl') intepreter is a full Perl interpreter. However, certain
   operations have been disabled in order to maintain the security of
   the system.  In general, the operations that are restricted are
   those that interact with the environment. This includes filehandle
@@ -28,6 +29,11 @@
   (for external modules).  It should be noted that this security is
   not absolute. Indeed, several Denial-of-Service attacks are still
   possible - memory exhaustion and endless loops are two examples.
+
+ </para>
+ <para>
+  When PL/Perl is installed as 'untrusted' interpreter (with name 'plperlu'),
+  everything is permitted, and any perl code can be loaded (by superuser only).
  </para>
 
  <sect1 id="plperl-install">
@@ -77,6 +83,11 @@
 <screen>
 <prompt>$</prompt> <userinput>createlang plperl template1</userinput>
 </screen>
+   Alternatively, to create untrusted interpreter (where functions can only
+be created by superuser, but the functions are not restricted), use:
+<screen>
+<prompt>$</prompt> <userinput>createlang plperlu template1</userinput>
+</screen>
    If it is installed into template1, all future databases will have
    the language installed automatically.
   </para>
@@ -157,6 +168,15 @@
 ' LANGUAGE 'plperl';
 </programlisting>
    The creation of the function will succeed, but executing it will not.
+
+   Note that if same function was created by superuser using language 
+   'plperlu', execution would succeed.
+  </para>
+  <para>
+   Access to database itself from your perl function can be done via 
+   an experimental module DBD::PgSPI, available at <ulink url="http://www.formenos.org/PgSPI/">this site</ulink>. This module makes available a DBI-compliant
+   database-handle named $pg_dbh, and you can use that to make queries with
+   normal DBI syntax.
   </para>
 
  </sect1>
#2Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Alex Pilosov (#1)
Re: plperl doc

Thanks. Doc patch applied. (No reason to delay most doc patches, I
think.)

Attached is documentation describing plperlu differences from plperl.

Please apply :)

--
Alex Pilosov | http://www.acedsl.com/home.html
CTO - Acecape, Inc. | AceDSL:The best ADSL in the world
325 W 38 St. Suite 1005 | (Stealth Marketing Works! :)
New York, NY 10018 |

Content-Description:

[ Attachment, skipping... ]

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo@postgresql.org)

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
← Back to Topics