What do people think about the Oracle method where bulk data operations can only occur in a specified directory? Making that restriction might address some of the security concerns. I don't think we should change COPY in such a way that you *have* to use a specified directory, but if it was an option that helped with the security concerns...