Hey folks,
I've got quick question. Let's suppose that I'm running postgres
on a machine that's behind a firewall, and have restricted access
to the database server to the local networks. Let's further suppose
I wanted to use plperl as a _complete_ interpreter, without using
the Safe/Opcode stuff, in other words how can I make something
like this work:
CREATE FUNCTION myfunc (TEXT,TEXT) returns TEXT AS '
use strict;
use Crypt::CBC;
my $cipher = new Crypt::CBC(shift,'IDEA');
return $cipher->encrypt(shift);
' LANGUAGE 'plperl';
Or any other arbitrary perl module/function. I know I'm going to get
alot of 'security risks, etc', but I am aware of the
risks, there aren't any users on the box apart from myself,
there never will be. I don't plan on allowing anyone access
to the machine apart from _one_ program which I will audit
for security holes, and this program will filter input
to my newly created functions to avoid possible DOS attacks.
Is there a patch out there that will make plperl 'unsafe' for
people who know what they are doing and don't need the taint
checks? I've tried playing around with plperl.c, but I don't
know enough C to make it work.
Regards,
--
Mark Steele
Vice president research and development
Inet Technologies Inc.
msteele@inet-interactif.com
010110010110111101110101001000000110000101110010011001010010000001100100011101010110110101100010
