Peter Eisentraut wrote:

Tom Lane writes:



There are good security arguments not to have it in the default install,
no?



I think last time the only reason we saw was that dump restoring would be difficult. I don't see any security reasons.


That could be overcome by doing a 'drop language' before running your restore, couldn't it? Maybe it would also be useful for such cases to have switches on initdb and pg_dump to inhibit creation of the language.


I did see a reference in the archives to a problem with heavy recursion as a possible security hole. I guess my answer to that would be that if you are worried about it you should drop the language, but I don't see this alone as a reason not to install it by default. After all, you don't need plpgsql to bring the system to its knees :-)

But maybe there's some other reason my search didn't find.

cheers

andrew


