"Thiago Maluf" <malufrj@gmail.com> writes:
> I have one database server with postgresql 8.1 and I discovered yesterday
> one security problem.
> When I access my server with thought psql I have the possibility execute
> command in my server using "\!" or write one file using "\e".
These are done on the client side, not the server side. There is no
security issue here, because psql's user could equally well do the
same things without using psql.
regards, tom lane