Database Reference
In-Depth Information
Can you use the untrusted languages for important functions? Absolutely. Some-
times, it may be the only way to accomplish some tasks from inside the server. Per-
forming simple queries and computations should do nothing harmful to your data-
base, and neither should connecting to the external world for sending e-mails, fetch-
ing web pages, or doing SOAP requests. They may cause delays and even queries
that get stuck, but these can usually be dealt with by setting an upper limit as to how
long a query can run by using an appropriate statement time-out value. Setting a
reasonable statement time-out value by default is a good practice anyway.
So, if you don't deliberately do risky things, the probability of harming the database is
no bigger than using a "trusted" (also known as "restricted") variant of the language.
However, if you give the language to someone who starts changing bytes on the pro-
duction database "to see what happens", you probably get what you asked for.
