Re: Don't do that: Changing the working directory in a plpython function
On Fri, Nov 20, 2020 at 4:11 PM Wolfgang Walther
<[hidden email]> wrote:
> this is on PG 12.5:
> create extension plpython3u;
> create function cwd() returns void
> language plpython3u as $$
> import os
> select cwd();
> create table t();
> ERROR: could not open file "base/13457/2663": No such file or directory
> LINE 1: create table t();
> The server is now unusable, almost everything will throw.
> Somebody did something similar on a server with a bit more stuff going
> on and this gave:
> PANIC: could not create file "pg_wal/xlogtemp.xxxxx": No such file or
> And then the whole PG server restarted.
> It's not really that surprising - after the fact. Before, I wouldn't
> have guessed that this has such an impact.
> As a side-note: plperlu is obviously the same, but plperl blocks chdir.
> I am not sure whether this is considered a bug or just in the category
> "don't do that, stupid..."?
This is one of many things you can break when using an untrusted
procedural language. It's basically what the "untrusted" part means -
the lack of a sandbox preventing you from doing exactly this type of
thing (there's of course an almost infinite number of different ways
you can cause breakage when you get to run code without a sandbox,
this just happens to be a very simple one).