Tom Lane wrote:
Thom Brown <thombrown@xxxxxxxxx> writes:
As for having plpgsql installed by default, are there any security
implications?
Well, that's pretty much exactly the question --- are there? It would
certainly make it easier for someone to exploit any other security
weakness they might find. I believe plain SQL plus SQL functions is
Turing-complete, but that doesn't mean it's easy or fast to write loops
etc in it.
That's a bit harder argument to sustain now we have recursive queries, ISTM.
cheers
andrew
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
