PL/Tcl is a loadable procedural language for the PostgreSQL database system that enables the Tcl language to be used to write functions and trigger procedures.
PL/Tcl offers most of the capabilities a function writer has in the C language, except for some restrictions.
The good restriction is that everything is executed in a safe
Tcl interpreter. In addition to the limited command set of safe Tcl, only
a few commands are available to access the database via SPI and to raise
elog(). There is no way to access internals of the
database server or to gain OS-level access under the permissions of the
PostgreSQL server process, as a C function can do.
Thus, any unprivileged database user may be
permitted to use this language.
The other, implementation restriction is that Tcl functions cannot be used to create input/output functions for new data types.
Sometimes it is desirable to write Tcl functions that are not restricted to safe Tcl. For example, one might want a Tcl function that sends email. To handle these cases, there is a variant of PL/Tcl called PL/TclU (for untrusted Tcl). This is the exact same language except that a full Tcl interpreter is used. If PL/TclU is used, it must be installed as an untrusted procedural language so that only database superusers can create functions in it. The writer of a PL/TclU function must take care that the function cannot be used to do anything unwanted, since it will be able to do anything that could be done by a user logged in as the database administrator.
The shared object for the PL/Tcl and PL/TclU call handlers is automatically built and installed in the PostgreSQL library directory if Tcl support is specified in the configuration step of the installation procedure. To install PL/Tcl and/or PL/TclU in a particular database, use the createlang program, for example createlang pltcl dbname or createlang pltclu dbname.