4 PL/Tcl offers most of the capabilities a function writer has in the C
5 language, with a few restrictions, and with the addition of the
6 powerful string processing libraries that are available for Tcl.
8 One compelling good restriction is that everything is executed from
9 within the safety of the context of a Tcl interpreter. In addition to
10 the limited command set of safe Tcl, only a few commands are available
11 to access the database via SPI and to raise messages via elog(). PL/Tcl
12 provides no way to access internals of the database server or to gain
13 OS-level access under the permissions of the PostgreSQL server process,
14 as a C function can do. Thus, unprivileged database users can be
15 trusted to use this language; it does not give them unlimited
18 The other notable implementation restriction is that Tcl functions
19 cannot be used to create input/output functions for new data types.
21 Sometimes it is desirable to write Tcl functions that are not
22 restricted to safe Tcl. For example, one might want a Tcl function that
23 sends email. To handle these cases, there is a variant of PL/Tcl called
24 PL/TclU (for untrusted Tcl). This is exactly the same language except
25 that a full Tcl interpreter is used. If PL/TclU is used, it must be
26 installed as an untrusted procedural language so that only database
27 superusers can create functions in it. The writer of a PL/TclU function
28 must take care that the function cannot be used to do anything
29 unwanted, since it will be able to do anything that could be done by a
30 user logged in as the database administrator.
32 The shared object code for the PL/Tcl and PL/TclU call handlers is
33 automatically built and installed in the PostgreSQL library directory
34 if Tcl support is specified in the configuration step of the
35 installation procedure. To install PL/Tcl and/or PL/TclU in a
36 particular database, use the CREATE EXTENSION command, for example
37 CREATE EXTENSION pltcl or CREATE EXTENSION pltclu.
begriffs.com / projects / ai-pg / blob