(I apologize if I've dug up a long-dead horse, but I haven't found any
posts in the archive on this that really explain what I'm asking.)

We are looking to use plpython in PostgreSQL, but it's being downgraded
to "untrusted" and/or being completely removed because Python's rexec
went away. Why did rexec go away, specifically? I know it had security
issues, but couldn't these have been fixed? Did the module just have too
many integral flaws in the design to be worth saving?

Is anyone working on a replacement? If not, why not? Even if plpython
isn't very widely used, I think it's still important for advocacy. I'd
much rather write Python than PL.

Anyway, I'm looking for a summary of specific reasons why rexec went
away without a replacement. I understand completely that it had flaws
and was insecure; I'm only confused as to why these flaws were

Given a bit more assurance that a replacement would be useful and
possible, we potentially have the resources to do so. Having a working
and trusted plpython is valuable to both my own organization and, IMHO,
the Python world itself.


Tim Gerla
Outsource Financial Services, LLC.
tgerla at outsourcefinancial.com

Search Discussions

Discussion Posts

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 11 | next ›
Discussion Overview
grouppython-list @
postedJul 16, '03 at 5:54p
activeJul 18, '03 at 5:16a



site design / logo © 2022 Grokbase