From 05979312eddac1b51287fea7261c9b4d695815dd Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Tue, 20 Nov 2001 21:09:53 +0000
Subject: [PATCH] Added a few paragraphs to explain current restricted
execution environment, and error handling behavior.
Bradley McLean
---
doc/src/sgml/plpython.sgml | 24 +++++++++++++++++++++++-
1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/doc/src/sgml/plpython.sgml b/doc/src/sgml/plpython.sgml
index ffe888df286..9410a12f99d 100644
--- a/doc/src/sgml/plpython.sgml
+++ b/doc/src/sgml/plpython.sgml
@@ -1,4 +1,4 @@
-<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.5 2001/11/12 19:19:39 petere Exp $ -->
+<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.6 2001/11/20 21:09:53 momjian Exp $ -->
<chapter id="plpython">
<title>PL/Python - Python Procedural Language</title>
@@ -10,6 +10,28 @@
<para>
This chapter is not fully developed yet.
</para>
+ <para>
+ The current version of PL/Python functions as a trusted language only;
+ access to the filesystem and other local resources are disabled.
+ Specifically, PL/Python uses the Python restricted execution environment,
+ further restricts it to prevent the use of the file open call, and
+ allows only modules from a specific list to be imported. Presently,
+ that list includes: array, bisect, binascii, calendar, cmath, codecs,
+ errno, marshal, math, md5, mpz, operator, pcre, pickle, random, re,
+ regex, sre, sha, string, StringIO, struct, time, whrandom, and zlib.
+ </para>
+ <para>
+ There is discussion on creating an untrusted language variant for a
+ future release.
+ </para>
+ <para>
+ In the current version, any postgresql error encountered while running
+ a PL/Python function will result in the immediate termination of that
+ function by the backend. It is not possible to trap error conditions
+ using Python try ... catch constructs. For example, a syntax error in
+ an SQL statement passed to the plpy.execute() call will terminate the
+ function. This behavior may be changed in a future release.
+ </para>
</note>
<sect1 id="plpython-install">
--
GitLab