Adjust safety restrictions for plperl functions. Andrew Dunstan's

patch, but allow srand and disallow sprintf as per subsequent discussion.

diff --git a/src/pl/plperl/plperl.c b/src/pl/plperl/plperl.c
index 3e3e4cc5ee77c5895789291585c61be64d391a58..8800fb4f64918dcccd4c86a2c4006fe14a7bea4b 100644 (file)
--- a/src/pl/plperl/plperl.c
+++ b/src/pl/plperl/plperl.c
@@ -33,7 +33,7 @@
  *   ENHANCEMENTS, OR MODIFICATIONS.
  *
  * IDENTIFICATION
- *   $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.55 2004/10/15 17:08:26 momjian Exp $
+ *   $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.56 2004/11/16 22:05:22 tgl Exp $
  *
  **********************************************************************/
 
@@ -250,17 +250,20 @@ plperl_safe_init(void)
 
    static char *safe_ok =
    "use vars qw($PLContainer); $PLContainer = new Safe('PLPerl');"
-   "$PLContainer->permit_only(':default');$PLContainer->permit(':base_math');"
-   "$PLContainer->share(qw[&elog &spi_exec_query &DEBUG &LOG &INFO &NOTICE &WARNING &ERROR %SHARED ]);"
+   "$PLContainer->permit_only(':default');"
+   "$PLContainer->permit(qw[:base_math !:base_io sort time]);"
+   "$PLContainer->share(qw[&elog &spi_exec_query &DEBUG &LOG "
+    "&INFO &NOTICE &WARNING &ERROR %SHARED ]);"
    "sub ::mksafefunc { return $PLContainer->reval(qq[sub { $_[0] $_[1]}]); }"
               ;
 
    static char *safe_bad =
    "use vars qw($PLContainer); $PLContainer = new Safe('PLPerl');"
-   "$PLContainer->permit_only(':default');$PLContainer->permit(':base_math');"
-   "$PLContainer->share(qw[&elog &DEBUG &LOG &INFO &NOTICE &WARNING &ERROR %SHARED ]);"
+   "$PLContainer->permit_only(':default');"
+   "$PLContainer->share(qw[&elog &ERROR ]);"
    "sub ::mksafefunc { return $PLContainer->reval(qq[sub { "
-   "elog(ERROR,'trusted perl functions disabled - please upgrade perl Safe module to at least 2.09');}]); }"
+   "elog(ERROR,'trusted perl functions disabled - "
+    "please upgrade perl Safe module to at least 2.09');}]); }"
               ;
 
    SV         *res;