[pgrouting-dev] GSoC 2022 Week 7 Report : Add Google Or tools functionality to pgrouting

Manas Sivakumar callmehero350 at gmail.com
Sun Aug 7 10:45:51 PDT 2022 

I'm extremely sorry for the late reply. I don't use this mail id
frequently. For now, I made install plpython3u as a dependency (I wasn't
aware of your concern). I'll see if there is a way to make it optional
because the functions that I have written right now need the plpython3u
extension for testing. May I know how exactly the plpythonu extension is
dangerous in your case? I mean the users can create their own function and
run it, this might be a problem as it makes us susceptible to SQL injection
attacks of sorts. Do you have any ideas/suggestions on how I could achieve
this?

Regards

On Mon, Aug 1, 2022 at 2:00 AM Imre Samu <pella.samu at gmail.com> wrote:

> Hi Manas,
>
> Thank you for working on this topic.
>
> > figure out how to add python ortools to pgrouting requirements
>
> I don't know all the details, so apologies if my comment is too early or
> already known.
>
> if it can be done, it would be ideal for me ( as a user )  if the
> plpython3u system requirement was optional and not mandatory.
> Now the plpythonu is an “untrusted” language[1]
>   and is not allowed to be installed in many places;  ( ~ strict security
> policy )
>
> [1] https://www.postgresql.org/docs/14/plpython.html
> *"The writer of a function in untrusted PL/Python must take care that the
> function cannot be used to do anything unwanted, since it will be able to
> do anything that could be done by a user logged in as the database
> administrator.  Only superusers can create functions in untrusted languages
> such as plpythonu."   *
>
> Regards,
>  Imre
>
>
> Manas Sivakumar <callmehero350 at gmail.com> ezt írta (időpont: 2022. júl.
> 31., V, 21:09):
>
>> Hello Everyone,
>> This is my week 7 report of the official coding period July 25th - July
>> 31th.
>> This also marks my first report for the second coding period.
>>
>> *What have I done this week?*
>>
>>    - Implemented multiple_knapsack in PL/Python
>>    - Implemented bin_packing in PL/Python
>>    - Converted knapsack from c++ to PL/Python
>>
>> *What do I plan to do next week?*
>>
>>    - figure out how to add python ortools to pgrouting requirements
>>
>> *Am I blocked on anything?*
>>
>>    - No
>>
>> Any feedback, comments and suggestions are welcome.
>> Pull Request : https://github.com/pgRouting/GSoC-pgRouting/pull/241
>>
>> _______________________________________________
>> pgrouting-dev mailing list
>> pgrouting-dev at lists.osgeo.org
>> https://lists.osgeo.org/mailman/listinfo/pgrouting-dev
>>
> _______________________________________________
> pgrouting-dev mailing list
> pgrouting-dev at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/pgrouting-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/pgrouting-dev/attachments/20220807/565fcb74/attachment.htm>

More information about the pgrouting-dev mailing list