Stephen Frost <sfrost@snowman.net> writes:
> I agree that this seems to need more discussion and explanation as it
> isn't actually sufficient by itself for "anyone who wants to disallow
> file system access" as the initial post claimed. If there isn't
> sufficient explanation coming forward to support this change by itself
> then we can reject it, but I don't think it makes sense to try and morph
> it into something a lot more generic and a lot harder to actually get
> right and document and guarantee.
The reason I pushed the discussion in that direction was that I was
curious to see if --disable-disk-access could actually be a thing.
If it could, it'd have clear utility for at least some service providers.
But it seems the (preliminary?) conclusion is "no, we still can't do that
in any way that's credibly bulletproof". So yeah, that justification
for the currently-proposed patch doesn't seem to hold water.
regards, tom lane
