NotificationsYou must be signed in to change notification settings
Fork5
Star26

Commit6115224

committed

Rename plpython to plpythonu, and update documentation to reflect its

now-untrusted status.

1 parent219e297 commit6115224Copy full SHA for 6115224

File tree

12 files changed

+86

-108

lines changed

doc/src/sgml
src
- bin/scripts
  - createlang.c
- pl/plpython

12 files changed

+86

-108

lines changed

`‎doc/src/sgml/plpython.sgml`

Lines changed: 25 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.16 2003/04/07 01:29:25 petere Exp $ -->`
	`1`	`+<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.17 2003/06/30 18:31:41 tgl Exp $ -->`
`2`	`2`
`3`	`3`	`<chapter id="plpython">`
`4`	`4`	`<title>PL/Python - Python Procedural Language</title>`
`@@ -14,9 +14,21 @@`
`14`	`14`
`15`	`15`	`<para>`
`16`	`16`	`To install PL/Python in a particular database, use`
`17`		`- <literal>createlangplpython <replaceable>dbname</></literal>.`
	`17`	`+ <literal>createlangplpythonu <replaceable>dbname</></literal>.`
`18`	`18`	`</para>`
`19`	`19`
	`20`	`+ <note>`
	`21`	`+ <para>`
	`22`	`+ As of <productname>PostgreSQL</productname> 7.4,`
	`23`	`+ PL/Python is only available as an <quote>untrusted</> language`
	`24`	`+ (meaning it does not offer any way of restricting what users`
	`25`	`+ can do in it). It has therefore been renamed to <literal>plpythonu</>.`
	`26`	`+ The trusted variant <literal>plpython</> may become available again in`
	`27`	`+ future, if a new secure execution mechanism is developed by the Python`
	`28`	`+ community.`
	`29`	`+ </para>`
	`30`	`+ </note>`
	`31`	`+`
`20`	`32`	`<tip>`
`21`	`33`	`<para>`
`22`	`34`	`If a language is installed into <literal>template1</>, all subsequently`
`@@ -41,7 +53,7 @@`
`41`	`53`	`<programlisting>`
`42`	`54`	`CREATE FUNCTION myfunc(text) RETURNS text`
`43`	`55`	`AS 'return args[0]'`
`44`		`- LANGUAGEplpython;`
	`56`	`+ LANGUAGEplpythonu;`
`45`	`57`	`</programlisting>`
`46`	`58`
`47`	`59`	`gets transformed into`
`@@ -78,13 +90,18 @@ def __plpython_procedure_myfunc_23456():`
`78`	`90`	`available to all Python functions within a session. Use with care.`
`79`	`91`	`</para>`
`80`	`92`
	`93`	`+<!-- NOT CORRECT ANYMORE, IS IT?`
	`94`	`+`
`81`	`95`	`<para>`
`82`	`96`	`Each function gets its own restricted execution object in the`
`83`	`97`	`Python interpreter, so that global data and function arguments from`
`84`	`98`	`<function>myfunc</function> are not available to`
`85`	`99`	`<function>myfunc2</function>. The exception is the data in the`
`86`	`100`	`<varname>GD</varname> dictionary, as mentioned above.`
`87`	`101`	`</para>`
	`102`	`+`
	`103`	`+-->`
	`104`	`+`
`88`	`105`	`</sect1>`
`89`	`106`
`90`	`107`	`<sect1 id="plpython-trigger">`
`@@ -218,11 +235,13 @@ CREATE FUNCTION usesavedplan() RETURNS trigger AS '`
`218`	`235`	`plan = plpy.prepare("SELECT 1")`
`219`	`236`	`SD["plan"] = plan`
`220`	`237`	`# rest of function`
`221`		`-' LANGUAGEplpython;`
	`238`	`+' LANGUAGEplpythonu;`
`222`	`239`	`</programlisting>`
`223`	`240`	`</para>`
`224`	`241`	`</sect1>`
`225`	`242`
	`243`	`+<!-- NOT CURRENTLY SUPPORTED`
	`244`	`+`
`226`	`245`	`<sect1 id="plpython-trusted">`
`227`	`246`	`<title>Restricted Environment</title>`
`228`	`247`
`@@ -245,4 +264,6 @@ CREATE FUNCTION usesavedplan() RETURNS trigger AS '`
`245`	`264`	`</para>`
`246`	`265`	`</sect1>`
`247`	`266`
	`267`	`+-->`
	`268`	`+`
`248`	`269`	`</chapter>`

`‎doc/src/sgml/release.sgml`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`<!--`
`2`		`-$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.195 2003/06/28 00:12:40 tgl Exp $`
	`2`	`+$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.196 2003/06/30 18:31:41 tgl Exp $`
`3`	`3`	`-->`
`4`	`4`
`5`	`5`	`<appendix id="release">`
`@@ -24,6 +24,7 @@ CDATA means the content is "SGML-free", so you can write without`
`24`	`24`	`worries about funny characters.`
`25`	`25`	`-->`
`26`	`26`	`<literallayout><![CDATA[`
	`27`	`+PL/Python is now an untrusted language, and is renamed to 'plpythonu'`
`27`	`28`	`Dollar sign ($) is no longer allowed in operator names`
`28`	`29`	`Dollar sign ($) can be a non-first character in identifiers`
`29`	`30`	`Precision in FLOAT(p) is now interpreted as bits, not decimal digits`

`‎doc/src/sgml/xplang.sgml`

Lines changed: 10 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`<!--`
`2`		`-$Header: /cvsroot/pgsql/doc/src/sgml/xplang.sgml,v 1.21 2003/04/07 01:29:26 petere Exp $`
	`2`	`+$Header: /cvsroot/pgsql/doc/src/sgml/xplang.sgml,v 1.22 2003/06/30 18:31:42 tgl Exp $`
`3`	`3`	`-->`
`4`	`4`
`5`	`5`	`<chapter id="xplang">`
`@@ -109,13 +109,14 @@ CREATE <optional>TRUSTED</optional> <optional>PROCEDURAL</optional> LANGUAGE <re`
`109`	`109`	`for languages that do not allow access to database server`
`110`	`110`	`internals or the file system. The languages`
`111`	`111`	`<application>PL/pgSQL</application>,`
`112`		`- <application>PL/Tcl</application>,`
`113`		`- <application>PL/Perl</application>, and`
`114`		`- <application>PL/Python</application> are known to be trusted;`
`115`		`- the languages <application>PL/TclU</application> and`
`116`		`- <application>PL/PerlU</application> are designed to provide`
`117`		`- unlimited functionality and should <emphasis>not</emphasis> be`
`118`		`- marked trusted.`
	`112`	`+ <application>PL/Tcl</application>, and`
	`113`	`+ <application>PL/Perl</application>`
	`114`	`+ are considered trusted; the languages`
	`115`	`+ <application>PL/TclU</application>,`
	`116`	`+ <application>PL/PerlU</application>, and`
	`117`	`+ <application>PL/PythonU</application>`
	`118`	`+ are designed to provide unlimited functionality and should`
	`119`	`+ <emphasis>not</emphasis> be marked trusted.`
`119`	`120`	`</para>`
`120`	`121`	`</step>`
`121`	`122`	`</procedure>`
`@@ -158,7 +159,7 @@ CREATE TRUSTED PROCEDURAL LANGUAGE plpgsql`
`158`	`159`	`directory. If <application>Tcl/Tk</> support is configured in, the handlers for`
`159`	`160`	`<application>PL/Tcl</> and <application>PL/TclU</> are also built and installed in the same`
`160`	`161`	`location. Likewise, the <application>PL/Perl</> and <application>PL/PerlU</> handlers are built`
`161`		`- and installed if Perl support is configured, and <application>PL/Python</> is`
	`162`	`+ and installed if Perl support is configured, and <application>PL/PythonU</> is`
`162`	`163`	`installed if Python support is configured.`
`163`	`164`	`</para>`
`164`	`165`

`‎src/bin/scripts/createlang.c`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`	`* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group`
`6`	`6`	`* Portions Copyright (c) 1994, Regents of the University of California`
`7`	`7`	`*`
`8`		`- * $Header: /cvsroot/pgsql/src/bin/scripts/createlang.c,v 1.3 2003/06/11 05:13:12 momjian Exp $`
	`8`	`+ * $Header: /cvsroot/pgsql/src/bin/scripts/createlang.c,v 1.4 2003/06/30 18:31:42 tgl Exp $`
`9`	`9`	`*`
`10`	`10`	`*-------------------------------------------------------------------------`
`11`	`11`	`*/`
`@@ -195,16 +195,16 @@ main(int argc, char *argv[])`
`195`	`195`	`handler="plperl_call_handler";`
`196`	`196`	`object="plperl";`
`197`	`197`	`}`
`198`		`-elseif (strcmp(langname,"plpython")==0)`
	`198`	`+elseif (strcmp(langname,"plpythonu")==0)`
`199`	`199`	`{`
`200`		`-trusted=true;`
	`200`	`+trusted=false;`
`201`	`201`	`handler="plpython_call_handler";`
`202`	`202`	`object="plpython";`
`203`	`203`	`}`
`204`	`204`	`else`
`205`	`205`	`{`
`206`	`206`	`fprintf(stderr,_("%s: unsupported language \"%s\"\n"),progname,langname);`
`207`		`-fprintf(stderr,_("Supported languages are plpgsql, pltcl, pltclu, plperl, plperlu, andplpython.\n"));`
	`207`	`+fprintf(stderr,_("Supported languages are plpgsql, pltcl, pltclu, plperl, plperlu, andplpythonu.\n"));`
`208`	`208`	`exit(1);`
`209`	`209`	`}`
`210`	`210`

`‎src/pl/plpython/README`

Lines changed: 0 additions & 39 deletions

This file was deleted.

`‎src/pl/plpython/TODO`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,8 @@`
`1`	`1`	`In no particular order...`
`2`	`2`
	`3`	`+* Develop a trusted variant of PL/Python. Now that RExec has been shown`
	`4`	`+ to be full of holes, this may take a while :-(`
	`5`	`+`
`3`	`6`	`* Allow arrays as function arguments and return values. (almost done)`
`4`	`7`
`5`	`8`	`* Create a new restricted execution class that will allow me to pass`
`@@ -10,7 +13,7 @@ In no particular order...`
`10`	`13`	`so the following will make PostgreSQL unhappy:`
`11`	`14`
`12`	`15`	`create table users (first_name text, last_name text);`
`13`		`- create function user_name(user) returns text as 'mycode' language'plpython';`
	`16`	`+ create function user_name(user) returns text as 'mycode' language plpython;`
`14`	`17`	`select user_name(user) from users;`
`15`	`18`	`alter table add column user_id integer;`
`16`	`19`	`select user_name(user) from users;`

`‎src/pl/plpython/error.expected`

Lines changed: 10 additions & 19 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,24 +16,15 @@ SELECT valid_type('rick');`
`16`	`16`
`17`	`17`	`(1 row)`
`18`	`18`
`19`		`-SELECT read_file('/etc/passwd');`
`20`		-ERROR: plpython: Call of function `read_file' failed.
`21`		`-exceptions.IOError: can't open files in restricted mode`
`22`		`-SELECT write_file('/tmp/plpython','This is very bad');`
`23`		-ERROR: plpython: Call of function `write_file' failed.
`24`		`-exceptions.IOError: can't open files in restricted mode`
`25`		`-SELECT getpid();`
`26`		-ERROR: plpython: Call of function `getpid' failed.
`27`		`-exceptions.AttributeError: 'module' object has no attribute 'getpid'`
`28`		`-SELECT uname();`
`29`		-ERROR: plpython: Call of function `uname' failed.
`30`		`-exceptions.AttributeError: 'module' object has no attribute 'uname'`
`31`		`-SELECT sys_exit();`
`32`		-ERROR: plpython: Call of function `sys_exit' failed.
`33`		`-exceptions.AttributeError: 'module' object has no attribute 'exit'`
`34`		`-SELECT sys_argv();`
`35`		`- sys_argv`
`36`		`-----------------`
`37`		`- ['RESTRICTED']`
	`19`	`+SELECT write_file('/tmp/plpython','Only trusted users should be able to do this!');`
	`20`	`+ write_file`
	`21`	`+------------------------------`
	`22`	`+ Wrote to file: /tmp/plpython`
	`23`	`+(1 row)`
	`24`	`+`
	`25`	`+SELECT read_file('/tmp/plpython');`
	`26`	`+ read_file`
	`27`	`+-----------------------------------------------`
	`28`	`+ Only trusted users should be able to do this!`
`38`	`29`	`(1 row)`
`39`	`30`

`‎src/pl/plpython/feature.expected`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ SELECT global_test_two();`
`29`	`29`	`(1 row)`
`30`	`30`
`31`	`31`	`SELECT import_fail();`
`32`		`-NOTICE: ('import socket failed --untrusted dynamicmodule: _socket',)`
	`32`	`+NOTICE: ('import socket failed --Nomodule named foosocket',)`
`33`	`33`	`import_fail`
`34`	`34`	`--------------------`
`35`	`35`	`failed as expected`

`‎src/pl/plpython/plpython_drop.sql`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -7,5 +7,5 @@ DROP TRIGGER users_update_trig on users ;`
`7`	`7`	`DROPFUNCTION users_update() ;`
`8`	`8`	`DROPTRIGGER users_delete_trigon users ;`
`9`	`9`	`DROPFUNCTION users_delete() ;`
`10`		`-DROP PROCEDURAL LANGUAGE'plpython' ;`
	`10`	`+DROP PROCEDURAL LANGUAGEplpythonu ;`
`11`	`11`	`DROPFUNCTION plpython_call_handler() ;`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit6115224

File tree

12 files changed

12 files changed

`‎doc/src/sgml/plpython.sgml`

`‎doc/src/sgml/release.sgml`

`‎doc/src/sgml/xplang.sgml`

`‎src/bin/scripts/createlang.c`

`‎src/pl/plpython/README`

`‎src/pl/plpython/TODO`

`‎src/pl/plpython/error.expected`

`‎src/pl/plpython/feature.expected`

`‎src/pl/plpython/plpython_drop.sql`

0 commit comments