We discussed untrusted PL/PythonU in Chapter 8, Using Unrestricted Languages. PL/Perl is also available as an untrusted language. The trusted version runs inside a security context that does not allow interaction with the environment. Just like PL/Pythonu, we can bypass the security restrictions using PL/Perlu or the untrusted version. Let's rewrite the directory listing function list_folder from Chapter 8, Listing directory contents to a Perl equivalent:
CREATE OR REPLACE FUNCTION list_folder_plperl(directory VARCHAR) RETURNS SETOF TEXT
AS $$
my $d = shift;
opendir(D, "$d") || elog (ERROR,'Cant open directory '.$d) ;
my @list = readdir(D);
closedir(D);
foreach my $f (@list) {
return_next($f);
}
return undef;
$$ LANGUAGE plperlu;Let's run our function, as shown here:
testdb=# SELECT list_folder_plperl('/usr/local/pgsql/bin'), list_folder_plperl
--------------------
.
..
clusterdb
createdb
createlang
createuser
dropdb
droplang
dropuser
ecpg
initdb
pg_basebackup
pg_config
pg_controldata
pg_ctl
pg_dump
pg_dumpall
pg_isready
pg_receivexlog
pg_resetxlog
pg_restore
postgres
postmaster
psql
reindexdb
vacuumdb
(26 rows)If we try to create the preceding function as plperl instead of plperlu, we will get an error such as ERROR: 'opendir' trapped by operation mask at line 3 by the validator, because we are trying to access the host system.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.