Rename plpython to plpythonu, and update documentation to reflect its

now-untrusted status.
2025-06-11 20:28:21 +03:00 · 2003-06-30 18:31:42 +00:00
parent 219e29784d
commit 6115224448
12 changed files with 86 additions and 108 deletions
--- a/doc/src/sgml/plpython.sgml
+++ b/doc/src/sgml/plpython.sgml
@ -1,4 +1,4 @@
-<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.16 2003/04/07 01:29:25 petere Exp $ -->
+<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plpython.sgml,v 1.17 2003/06/30 18:31:41 tgl Exp $ -->

 <chapter id="plpython">
 <title>PL/Python - Python Procedural Language</title>
@ -14,9 +14,21 @@

 <para>
  To install PL/Python in a particular database, use
-  <literal>createlang plpython <replaceable>dbname</></literal>.
+  <literal>createlang plpythonu <replaceable>dbname</></literal>.
 </para>

+ <note>
+  <para>
+   As of <productname>PostgreSQL</productname> 7.4,
+   PL/Python is only available as an <quote>untrusted</> language
+   (meaning it does not offer any way of restricting what users
+   can do in it).  It has therefore been renamed to <literal>plpythonu</>.
+   The trusted variant <literal>plpython</> may become available again in
+   future, if a new secure execution mechanism is developed by the Python
+   community.
+  </para>
+ </note>
+
  <tip>
   <para>
    If a language is installed into <literal>template1</>, all subsequently
@ -41,7 +53,7 @@
 <programlisting>
 CREATE FUNCTION myfunc(text) RETURNS text
    AS 'return args[0]'
-    LANGUAGE plpython;
+    LANGUAGE plpythonu;
 </programlisting>

   gets transformed into
@ -78,6 +90,8 @@ def __plpython_procedure_myfunc_23456():
   available to all Python functions within a session.  Use with care.
  </para>

+<!-- NOT CORRECT ANYMORE, IS IT?
+
  <para>
   Each function gets its own restricted execution object in the
   Python interpreter, so that global data and function arguments from
@ -85,6 +99,9 @@ def __plpython_procedure_myfunc_23456():
   <function>myfunc2</function>.  The exception is the data in the
   <varname>GD</varname> dictionary, as mentioned above.
  </para>
+
+-->
+
 </sect1>

 <sect1 id="plpython-trigger">
@ -218,11 +235,13 @@ CREATE FUNCTION usesavedplan() RETURNS trigger AS '
        plan = plpy.prepare("SELECT 1")
        SD["plan"] = plan
    # rest of function
-' LANGUAGE plpython;
+' LANGUAGE plpythonu;
 </programlisting>
  </para>
 </sect1>

+<!-- NOT CURRENTLY SUPPORTED 
+
 <sect1 id="plpython-trusted">
  <title>Restricted Environment</title>

@ -245,4 +264,6 @@ CREATE FUNCTION usesavedplan() RETURNS trigger AS '
  </para>
 </sect1>

+-->
+
 </chapter>
--- a/doc/src/sgml/release.sgml
+++ b/doc/src/sgml/release.sgml
@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.195 2003/06/28 00:12:40 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.196 2003/06/30 18:31:41 tgl Exp $
 -->

 <appendix id="release">
@ -24,6 +24,7 @@ CDATA means the content is "SGML-free", so you can write without
 worries about funny characters.
 -->
 <literallayout><![CDATA[
+PL/Python is now an untrusted language, and is renamed to 'plpythonu'
 Dollar sign ($) is no longer allowed in operator names
 Dollar sign ($) can be a non-first character in identifiers
 Precision in FLOAT(p) is now interpreted as bits, not decimal digits
--- a/doc/src/sgml/xplang.sgml
+++ b/doc/src/sgml/xplang.sgml
@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/xplang.sgml,v 1.21 2003/04/07 01:29:26 petere Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/xplang.sgml,v 1.22 2003/06/30 18:31:42 tgl Exp $
 -->

 <chapter id="xplang">
@ -109,13 +109,14 @@ CREATE <optional>TRUSTED</optional> <optional>PROCEDURAL</optional> LANGUAGE <re
      for languages that do not allow access to database server
      internals or the file system. The languages
      <application>PL/pgSQL</application>,
-      <application>PL/Tcl</application>,
-      <application>PL/Perl</application>, and
-      <application>PL/Python</application> are known to be trusted;
-      the languages <application>PL/TclU</application> and
-      <application>PL/PerlU</application> are designed to provide
-      unlimited functionality and should <emphasis>not</emphasis> be
-      marked trusted.
+      <application>PL/Tcl</application>, and
+      <application>PL/Perl</application>
+      are considered trusted; the languages
+      <application>PL/TclU</application>,
+      <application>PL/PerlU</application>, and
+      <application>PL/PythonU</application>
+      are designed to provide unlimited functionality and should
+      <emphasis>not</emphasis> be marked trusted.
     </para>
    </step>
   </procedure>
@ -158,7 +159,7 @@ CREATE TRUSTED PROCEDURAL LANGUAGE plpgsql
    directory. If <application>Tcl/Tk</> support is configured in, the handlers for
    <application>PL/Tcl</> and <application>PL/TclU</> are also built and installed in the same
    location.  Likewise, the <application>PL/Perl</> and <application>PL/PerlU</> handlers are built
-    and installed if Perl support is configured, and <application>PL/Python</> is
+    and installed if Perl support is configured, and <application>PL/PythonU</> is
    installed if Python support is configured.
   </para>