Re: How to create c language in postgresql database. Thanks.

Craig Ringer <ringerc@xxxxxxxxxxxxx> · Wed, 13 Jun 2012 10:31:52 +0800



    On 06/13/2012 03:35 AM, leaf_yxj wrote:

    
        Hi John,
         
        Thanks for your useful info. I really apprecaite it.  I got
          this problem when the SAS application try to install the
          scoring model.  So I am very confused. 
        > 1) What's the info in .dll/.so ? 

          
          thats the binary code compiled and linked from C,   windows
          calls this 

          DLL (Dynamic Link Library), while unix usually calls it SO
          (Shared 

          Object).  Mac OSX has yet another name (dylib or something). 

        
        ---- Grace comments : this need the superuser privileges on
          the server to copy those .so ( we are on the linux server)  to
          the postgresql server ?
        correct ????
         
      
    And to dynamically link them into the PostgreSQL executable to run
    them.

    
    Most importantly, you have to COMPLTELY AND UTTERLY TRUST YOUR DEV
    TEAM. If you let them install a C library they've written, you've
    given them total power over your database, so they can just use
    their C function to give themselves superuser privs if they want it.
    This isn't a bad thing; C functions are extremely fast and powerful
    tools in a database, you just have to trust the person or people who
    wrote them.

    
    A C library also has much greater opportunity to muck up your
    database. In particular it can crash database backends very easily.
    You need to know the people who wrote it are competent and tested it
    well in a non-production environment.

    
    You need to read about "dlopen" or "LoadLibrary", about dynamic
    linking, about compilation and shared libraries in C, etc. Right now
    you don't have the background in how this works to make appropriate
    decisions; you have to either trust your dev team to do the right
    thing, or tell them to do what they need to without using a C
    library and accept that may mean you're stopping them from doing
    their jobs properly.

    
        > 2)  .sql scrap  is the binary installation file? 

          
          the .sql is the CREATE FUNCTION statement mostly. 

          --- Grace comments : we already grant create privileges on the
          saslib schema. So it means they can this scrap by themselves
          ???

        
    No, you have to be a superuser to install C functions, because they
    have *total* access to all of PostgreSQL and can bypass all security
    and authentication completely.

    
    --

    Craig Ringer