Re: [GENERAL] BUG #1830: Non-super-user must be able to copy from a - Mailing list pgsql-bugs

From Sean Utt
Subject Re: [GENERAL] BUG #1830: Non-super-user must be able to copy from a
Date
Msg-id 00ba01c5a495$813677c0$0201a8c0@randomnoise
Whole thread Raw
In response to Re: BUG #1830: Non-super-user must be able to copy from a file  (Bruno Wolff III <bruno@wolff.to>)
Responses Re: [GENERAL] BUG #1830: Non-super-user must be able to copy from a
Re: [GENERAL] BUG #1830: Non-super-user must be able to copy from a
List pgsql-bugs
Yeah, I'm -vvv tonight.

psql provides \COPY table from file

how about
String cmd = "psql -c '\COPY table from file' -U user -d database"
Process p = Runtime.getRuntime( ).exec( cmd );
yatta yatta yatta, blah blah blah

naturally, if the database/server doesn't trust you, you'll have to jump
some hoops to get the password to the server, but then, trust is really the
issue, isn't it? And if you've been keeping an eye on the securityfocus
lists, you'd know that it is all about the trust.

What I keep hearing in this ongoing thread is the tradeoff between
convenience and security.

I want security, and you want convenience. If you own the server, you win.
Buy a server, pay for the bandwidth, learn to administer a server, and all
your problems disappear.

Don't want to do that? Then you have to live by my rules, because I own the
server, where your database lives.

Once again, if you are the expert, solve the problem. If you are not, pay
the expert to solve the problem. If the cost to fix the problem is higher
than you are willing to pay, the problem is not that important. If the cost
to fix the problem is more than you can afford --- bummer
dude!!!!

That is the way the world works. If you don't like it, look for a different
world. If you are rich, and/or completely without morals, and prone to
self-centered fantasy try the world of people who pretend to be Conservative
Republicans in the USA. (This is not intended as a slam against people who
are actually Republicans, or Conservatives --- unless they have failed to
speak out against those who usurp their identity.)

Sean



----- Original Message -----
From: "Bernard" <bht@actrix.gen.nz>
To: "Greg Stark" <gsstark@mit.edu>
Cc: <pgsql-bugs@postgresql.org>; <pgsql-general@postgresql.org>
Sent: Friday, August 19, 2005 12:21 AM
Subject: Re: [GENERAL] [BUGS] BUG #1830: Non-super-user must be able to copy
from a


Greg,

The desired COPY FILE functionality for a local non-superuser user
would require a local file. That file is available locally.

A suggested workaround COPY with STDIN would involve the TCP pipe.
This does of course have the support for remote uploads.

But I am not currently interested in remote data transfers.

Regards

Bernard

On 19 Aug 2005 02:03:54 -0400, you wrote:

>
>Oliver Jowett <oliver@opencloud.com> writes:
>
>> Bernard was also objecting to the overhead of pushing the data down a
>> TCP pipe when it's already available locally, I think.. I didn't find
>> any real difference there when I compared the two methods, though.
>
>What makes you think it's necessarily available locally?


---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?

               http://www.postgresql.org/docs/faq




pgsql-bugs by date:

Previous
From: "Sean Utt"
Date:
Subject: Re: BUG #1830: Non-super-user must be able to copy from a file
Next
From: "Sean Utt"
Date:
Subject: Re: BUG #1830: Non-super-user must be able to copy from a file