On Wed, 13 Dec 2006, Martijn van Oosterhout wrote:
On Wed, Dec 13, 2006 at 05:04:42PM -0500, Tom Lane wrote:
Bricklen Anderson <[EMAIL PROTECTED]> writes:
Marc Evans wrote:
OK, I must be missing something obvious:
ERROR: creation of Perl function failed: 'eval "string"' trapped by
operation mask at line 2.
Try as plperlu
This brings up the question of whether it'd be safe to allow eval in
plperl functions. I'm not sure why it's excluded now ... does it allow
access to untrusted operations?
ISTM there being something about the Safe module in perl not being able
to enable eval while staying "safe", so to speak.
Looking at the safe module it looks like you can exclude certain
functions from restrictions. The manpage has an example, so a simple
try/catch mechanism could be created if enabling "eval" directly isn't
ok.
I believe that the BLOCK variation of eval could be considered safe, e.g.
eval { ... } but the EXPR version of eval probably should not be
considered safe, e.g. eval "...".
- Marc
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
