-----Original Message-----
From: pgsql-hackers-owner@postgresql.org on behalf of Steve Atkins
Sent: Sun 7/31/2005 5:35 AM
To: PostgreSQL-development
Subject: Re: [HACKERS] Remote administration functionality
> So, while I can see the attraction of being able to futz with the
> database security configuration through a PHP web interface running on
> an unpatched Apache build somewhere out on the open internet (and
> would like to be able to do so myself, sometimes) I'd really, really
> like to see the ability to disable as much of this at compile time as
> is convenient.
Yes, Tom expressed a similar concern and suggested he would be happy with a GUC to disable potentially dangerous
functions(which we could later extend to other features like untrusted PLs). This GUC was added to the patch by Magnus
yesterdayand would allow you to secure your system from attacks via the new functions in an insecure environment.
Regards, Dave.
