diff options
-rw-r--r-- | doc/src/sgml/plpython.sgml | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/src/sgml/plpython.sgml b/doc/src/sgml/plpython.sgml index ab9ad2228a..8b58a95a00 100644 --- a/doc/src/sgml/plpython.sgml +++ b/doc/src/sgml/plpython.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/plpython.sgml,v 1.48 2010/03/29 21:20:58 petere Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/plpython.sgml,v 1.49 2010/03/29 21:35:59 petere Exp $ --> <chapter id="plpython"> <title>PL/Python - Python Procedural Language</title> @@ -27,11 +27,16 @@ <para> As of <productname>PostgreSQL</productname> 7.4, PL/Python is only - available as an <quote>untrusted</> language (meaning it does not - offer any way of restricting what users can do in it). It has + available as an <quote>untrusted</> language, meaning it does not + offer any way of restricting what users can do in it. It has therefore been renamed to <literal>plpythonu</>. The trusted variant <literal>plpython</> might become available again in future, - if a new secure execution mechanism is developed in Python. + if a new secure execution mechanism is developed in Python. The + writer of a function in untrusted PL/Python must take care that the + function cannot be used to do anything unwanted, since it will be + able to do anything that could be done by a user logged in as the + database administrator. Only superusers can create functions in + untrusted languages such as <literal>plpythonu</literal>. </para> <note> |