Re: Including PL/PgSQL by default

From Josh Berkus
Subject Re: Including PL/PgSQL by default
Date
Msg-id 200802210954.15159.josh@agliodbs.com
In reply to Re: Including PL/PgSQL by default  ("Greg Sabino Mullane" <greg@turnstep.com>)
List pgsql-hackers
Tom,

> > I grow weary of repeating this: it's not about resource consumption, nor
> > about potential security holes in plpgsql itself.  It's about handing
> > attackers the capability to further exploit *other* security holes.
>
> Well, without specific examples, I'm not sure I understand what plpgsql
> buys you that you could not do other ways (e.g. generate_series() for
> looping).

I have to agree with Greg here: I don't see what significant new security 
issues PL/pgSQL opens up.  Certainly including PL/perl or PL/sh would, but 
PL/pgSQL?

One of the reasons we advertise to use PostgreSQL is our ability to do 
sophisticated backend database things, which other OSDBs don't have.  

I agree that there should be some way to disable PL/pgSQL for "locked down" 
installations, but I think the majority of users want it to just be there.

-- 
Josh Berkus
PostgreSQL @ Sun
San Francisco

