I'm a fan of unsecured languages in the database.
Obviously they should only be used by people who understand the difference.
I wouldn't want python locked down.
That would prevent so many different external functions that can now be integrated into the database.
Among other things that I currently do with plpythonu is a function that reads a template file,
populates it with data and saves the file to the server. It then FTPs the file to another server.
It certainly can all be done outside of the database, but it is so much easier (and less maintenance)
to include it as a function.
Sim
Erik Jones wrote:
On Jan 18, 2008, at 7:48 AM, Stuart Bishop wrote:
plpython !=3D plpythonu.
plpython was the 'secure' sandboxed version. The Python devs gave up
supporting any sort of sandboxing feature in Python declaring it
impossib=
le.
Someone should definitely take a look at this:
http://sayspy.blogspot.com/2007/05/i-have-finished-securing-python.html
That guy claims he's locked down the python interpreter there.
Erik Jones
DBA | Emma®
erik@xxxxxxxxxx
800.595.4401 or 615.292.5888
615.292.0777 (fax)
Emma helps organizations everywhere communicate & market in style.
Visit us online at http://www.myemma.com
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings
