Thanks again.
On Mon, 2009-10-12 at 21:14 -0400, Stephen Frost wrote:
> > Seems like the way to go, though it will be significantly slower
> than
> > psql or superuser reads (a couple of tables have ~10s-100sM rows).
>
> Erm, really? You've tested that and found it to be that much slower?
Sorry, question mark left out - that is how I have gone.
> Being able to read from any file the *unix* PG user can read from
> means
> you can access any file in the database.. Pretty serious from a
> security standpoint. Not sure what you're expecting here.
Yeah, didn't think of that. Thanks.
On Tue, 2009-10-13 at 02:13 +0100, Sam Mason wrote:
> Unless perl is doing some very funky stuff I'd expect you'll be waiting
> for the disks most of the time, Perl will just be shoving blocks of data
> around and this is fast. If performance is really your thing then C may
> help.
See comment above - more of a question than a statement.
> "stdin" effectively just means data from the client, the filesystem
> would be from "inside" the server and hence in the presence of a
> malicious client letting it do stuff with its own query seems OK whereas
> the server's filesystem is an authority you probably don't want to go
> spreading too widely and hence is limited to userusers.
That makes sense - thanks for the explanation.
cheers all