From 2bde07c198a4995a4a756c58ee65d030a0e6ee02 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Sun, 30 May 2010 02:23:09 +0000 Subject: [PATCH] Clarify the meaning of "trusted language" in the documentation. --- doc/src/sgml/ref/create_language.sgml | 11 +++++------ doc/src/sgml/xplang.sgml | 8 +++++--- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/doc/src/sgml/ref/create_language.sgml b/doc/src/sgml/ref/create_language.sgml index 679f8d50b1..54245641e1 100644 --- a/doc/src/sgml/ref/create_language.sgml +++ b/doc/src/sgml/ref/create_language.sgml @@ -1,5 +1,5 @@ @@ -104,11 +104,10 @@ CREATE [ OR REPLACE ] [ TRUSTED ] [ PROCEDURAL ] LANGUAGE Procedural Languages @@ -151,8 +151,10 @@ CREATE TRUSTED PROCEDURAL LANGUAGE VALIDATOR validator_function_name ; The optional key word TRUSTED specifies that - ordinary database users that have no superuser privileges should - be allowed to use this language to create functions and trigger + the language does not grant access to data that the user would + not otherwise have. Trusted languages are designed for ordinary + database users (those without superuser privilege) and allows them + to safely create of functions and trigger procedures. Since PL functions are executed inside the database server, the TRUSTED flag should only be given for languages that do not allow access to database server -- 2.40.0