<!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/create_language.sgml,v 1.50 2010/04/03 07:22:58 petere Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/create_language.sgml,v 1.51 2010/05/30 02:23:09 momjian Exp $
PostgreSQL documentation
-->
<listitem>
<para>
- <literal>TRUSTED</literal> specifies that
- the language is safe, that is, it does not offer an
- unprivileged user any functionality to bypass access
- restrictions. If this key word is omitted when registering the
- language, only users with the
+ <literal>TRUSTED</literal> specifies that the language does
+ not grant access to data that the user would not otherwise
+ have. If this key word is omitted
+ when registering the language, only users with the
<productname>PostgreSQL</productname> superuser privilege can
use this language to create new functions.
</para>
-<!-- $PostgreSQL: pgsql/doc/src/sgml/xplang.sgml,v 1.37 2010/04/03 07:22:56 petere Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/xplang.sgml,v 1.38 2010/05/30 02:23:09 momjian Exp $ -->
<chapter id="xplang">
<title>Procedural Languages</title>
<optional>VALIDATOR <replaceable>validator_function_name</replaceable></optional> ;
</synopsis>
The optional key word <literal>TRUSTED</literal> specifies that
- ordinary database users that have no superuser privileges should
- be allowed to use this language to create functions and trigger
+ the language does not grant access to data that the user would
+ not otherwise have. Trusted languages are designed for ordinary
+ database users (those without superuser privilege) and allows them
+ to safely create of functions and trigger
procedures. Since PL functions are executed inside the database
server, the <literal>TRUSTED</literal> flag should only be given
for languages that do not allow access to database server
projects / postgresql / commitdiff