Add some information about what it means for PL/Python to be untrusted.

Similar information already appears in the PL/Perl and PL/Tcl chapters.

Add some information about what it means for PL/Python to be untrusted.
Similar information already appears in the PL/Perl and PL/Tcl chapters.
1e246783 · Peter Eisentraut · 51d2c9b0 · 1e246783
Commit 1e246783 authored Mar 29, 2010 by Peter Eisentraut
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 4 deletions

doc/src/sgml/plpython.sgml doc/src/sgml/plpython.sgml +9 -4

No files found.
--- a/doc/src/sgml/plpython.sgml
+++ b/doc/src/sgml/plpython.sgml
-<!-- $PostgreSQL: pgsql/doc/src/sgml/plpython.sgml,v 1.48 2010/03/29 21:20:58 petere Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/plpython.sgml,v 1.49 2010/03/29 21:35:59 petere Exp $ -->
 <chapter id="plpython">
 <title>PL/Python - Python Procedural Language</title>
@@ -27,11 +27,16 @@
 <para>
  As of <productname>PostgreSQL</productname> 7.4, PL/Python is only
-  available as an <quote>untrusted</> language (meaning it does not
+  available as an <quote>untrusted</> language, meaning it does not
-  offer any way of restricting what users can do in it).  It has
+  offer any way of restricting what users can do in it.  It has
  therefore been renamed to <literal>plpythonu</>.  The trusted
  variant <literal>plpython</> might become available again in future,
-  if a new secure execution mechanism is developed in Python.
+  if a new secure execution mechanism is developed in Python.  The
+  writer of a function in untrusted PL/Python must take care that the
+  function cannot be used to do anything unwanted, since it will be
+  able to do anything that could be done by a user logged in as the
+  database administrator.  Only superusers can create functions in
+  untrusted languages such as <literal>plpythonu</literal>.
 </para>
 <note>