Home > mailing lists

Re: pg_execute_from_file, patch v10 - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: pg_execute_from_file, patch v10
Date	December 14, 2010 02:58:27
Msg-id	27805.1292299097@sss.pgh.pa.us Whole thread Raw
In response to	Re: pg_execute_from_file, patch v10 (Itagaki Takahiro <itagaki.takahiro@gmail.com>)
Responses	Re: pg_execute_from_file, patch v10 (Dimitri Fontaine <dimitri@2ndQuadrant.fr>)
List	pgsql-hackers

Tree view

Itagaki Takahiro <itagaki.takahiro@gmail.com> writes:
> On Tue, Dec 14, 2010 at 12:47, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> lo_import is superuser-only.  If we design this feature so that it will
>> forever have to be superuser-only, to get a behavior that I think we
>> don't even *want*, I believe we're making a serious error.

> CREATE EXTENSION and pg_read_file() is also superuser-only, no?

CREATE EXTENSION will be superuser to start with, no doubt, but I think
we'll someday want to allow it to database owners, just as happened with
CREATE LANGUAGE.  Let's not build it on top of operations that
inherently involve security problems, especially when there's no need
to.
        regards, tom lane

pgsql-hackers by date:

From: Itagaki Takahiro
Date: 14 December 2010, 02:55:21
Subject: Re: pg_execute_from_file, patch v10

From: KaiGai Kohei
Date: 14 December 2010, 03:13:39
Subject: Re: rest of works for security providers in v9.1

Re: pg_execute_from_file, patch v10 - Mailing list pgsql-hackers

Previous

Next