Home > mailing lists

Re: [PATCH] Add enable_copy_program GUC to control COPY PROGRAM - Mailing list pgsql-hackers

From	Nathan Bossart
Subject	Re: [PATCH] Add enable_copy_program GUC to control COPY PROGRAM
Date	December 3 20:02:55
Msg-id	aTBtP4HcqpjNGcQ-@nathan Whole thread Raw
In response to	Re: [PATCH] Add enable_copy_program GUC to control COPY PROGRAM (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [PATCH] Add enable_copy_program GUC to control COPY PROGRAM
List	pgsql-hackers

Tree view

On Wed, Dec 03, 2025 at 10:02:44AM -0500, Tom Lane wrote:
> This argument is nonsense, because if you've got superuser you can
> just change the GUC's setting again.  Not to mention all the *other*
> ways that a superuser can break out to the OS level.  I don't think
> this proposal adds anything except more complication, which is not
> a good attribute for security-critical considerations.

See also this recent discussion about a --with-copy-program compile flag:

    https://postgr.es/m/flat/CAGRrpza_WUY_jaN4P-xkN%3DTdqfxH%2BeJJazZAo5gg%3DkQoEaQnVw%40mail.gmail.com

-- 
nathan

pgsql-hackers by date:

From: Heikki Linnakangas
Date: 03 December, 19:56:59
Subject: Re: Serverside SNI support in libpq

From: Heikki Linnakangas
Date: 03 December, 20:19:53
Subject: Re: IPC/MultixactCreation on the Standby server

Re: [PATCH] Add enable_copy_program GUC to control COPY PROGRAM - Mailing list pgsql-hackers

Previous

Next