PostgreSQL 9.1beta1 Documentation
Chapter 20. Database Roles

20.4. Function and Trigger Security

Functions and triggers allow users to insert code into the backend server that other users might execute unintentionally. Hence, both mechanisms permit users to "Trojan horse" others with relative ease. The only real protection is tight control over who can define functions.

Functions run inside the backend server process with the operating system permissions of the database server daemon. If the programming language used for the function allows unchecked memory accesses, it is possible to change the server's internal data structures. Hence, among many other things, such functions can circumvent any system access controls. Function languages that allow such access
allows only superusers to create functions written in those languages.
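
An audit of who can define functions, added here as an example and not part of the PostgreSQL documentation: it reads the system catalogs, assumes the default plpgsql language is installed, and uses a hypothetical role named app_owner. The last step ends in ROLLBACK, so it changes nothing as written.

```sql
-- 1. Installed languages. lanpltrusted = false marks a language in which
--    only superusers may create functions (internal and c are among them).
SELECT l.lanname, l.lanpltrusted AS trusted, r.rolname AS owner,
       l.lanacl AS acl               -- NULL acl = built-in default privileges
FROM pg_language l
JOIN pg_roles r ON r.oid = l.lanowner
ORDER BY l.lanname;

-- 2. Non-superuser roles that can define functions today: they hold USAGE
--    on a trusted language and CREATE on at least one user schema.
SELECT r.rolname, l.lanname, n.nspname AS creatable_schema
FROM pg_roles r
CROSS JOIN pg_language l
CROSS JOIN pg_namespace n
WHERE NOT r.rolsuper
  AND l.lanpltrusted
  AND n.nspname !~ '^pg_' AND n.nspname <> 'information_schema'
  AND has_language_privilege(r.oid, l.oid, 'USAGE')
  AND has_schema_privilege(r.oid, n.oid, 'CREATE')
ORDER BY 1, 2, 3;

-- 3. Existing user functions written in untrusted languages, with owners.
--    Each one runs with the server daemon's OS permissions and should be
--    traceable to a reviewed change.
SELECT n.nspname, p.proname, l.lanname, r.rolname AS owner
FROM pg_proc p
JOIN pg_language l  ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_roles r     ON r.oid = p.proowner
WHERE NOT l.lanpltrusted
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER BY 1, 2;

-- 4. Tighten control over who can define functions (dry run).
--    app_owner is a hypothetical role created only for this illustration.
BEGIN;
CREATE ROLE app_owner NOLOGIN;
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
REVOKE USAGE ON LANGUAGE plpgsql FROM PUBLIC;
GRANT CREATE ON SCHEMA public TO app_owner;
GRANT USAGE ON LANGUAGE plpgsql TO app_owner;
-- Re-run query 2 here to confirm that only the intended roles remain.
ROLLBACK;  -- replace with COMMIT to apply
```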