Assuming others think something like this might be interesting, would
something to do this be an OK candidate for my first patch, if only to
start this ball rolling?
a.
* Gregory Stark <stark@enterprisedb.com> [080404 14:57]:
> "Aidan Van Dyk" <aidan@highrise.ca> writes:
>
> > What if you didn't need super-user privileges to load "C" functions, on
> > the conditions that:
> > 1) There is no / in the obj_file filename (or some other "sanitizing"
> > rules)
> > 2) You're database owner
>
> That's an interesting idea. It has the property that no super-user is required
> to do any fiddling *inside* your database. That is, the ISP can just do CREATE
> DATABASE and then leave you have at it without having to deal with installing
> modules or granting any permissions inside your database.
>
> It also opens the door to .deb packagers being able to put pgfoundry modules
> in the same space. No other suggestion has offered any help to anything except
> blessed contrib modules.
>
> I would suggest a guc for the "safe" place and I would suggest it be a list of
> places. And I would suggest that for OS packagers they really want two
> locations on that list, something like:
> /usr/lib/postgresql/modules;/usr/local/lib/postgresql/modules
> That way users can compile and install their own modules into /usr/local
> without interfering with modules which come from OS packages.
--
Aidan Van Dyk Create like a god,
aidan@highrise.ca command like a king,
http://www.highrise.ca/ work like a slave.