|
|
|
|
@ -1,5 +1,5 @@ |
|
|
|
|
<!-- |
|
|
|
|
$PostgreSQL: pgsql/doc/src/sgml/plperl.sgml,v 2.47 2005/10/18 22:53:54 adunstan Exp $ |
|
|
|
|
$PostgreSQL: pgsql/doc/src/sgml/plperl.sgml,v 2.48 2005/10/24 15:39:50 adunstan Exp $ |
|
|
|
|
--> |
|
|
|
|
|
|
|
|
|
<chapter id="plperl"> |
|
|
|
|
@ -554,12 +554,16 @@ $$ LANGUAGE plperl; |
|
|
|
|
system operations are not allowed for security reasons: |
|
|
|
|
<programlisting> |
|
|
|
|
CREATE FUNCTION badfunc() RETURNS integer AS $$ |
|
|
|
|
open(TEMP, ">/tmp/badfile"); |
|
|
|
|
print TEMP "Gotcha!\n"; |
|
|
|
|
my $tmpfile = "/tmp/badfile"; |
|
|
|
|
open my $fh, '>', $tmpfile |
|
|
|
|
or elog(ERROR, qq{Could not open the file "$tmpfile": $!}); |
|
|
|
|
print $fh "Testing writing to a file\n"; |
|
|
|
|
close $fh or elog(ERROR, qq{Could not close the file "$tmpfile": $!}); |
|
|
|
|
return 1; |
|
|
|
|
$$ LANGUAGE plperl; |
|
|
|
|
</programlisting> |
|
|
|
|
The creation of the function will succeed, but executing it will not. |
|
|
|
|
The creation of this function will fail as its use of a forbidden |
|
|
|
|
operation will be be caught by the validator. |
|
|
|
|
</para> |
|
|
|
|
|
|
|
|
|
<para> |
|
|
|
|
|
Andrew Dunstan
21 years ago