On 05/19/2011 10:10 AM, Craig de Stigter wrote:
1. I'm assuming that the dump format can contain arbitrary sql commands, so a pg_restore of this nature should be run under an untrusted account in its own restricted schema. Can someone confirm that this is the case?
Correct. You very definitely want to run the restore under a limited-privs account.
2. The dump is presumed to contain exactly one table, which I want to load into my restricted schema. But it seems pg_restore has no option to set the schema during restoration. It always loads into the original schema as stored in the dump. How can I get around this?
If you're using a table structure you defined rather than a user-defined one you can use COPY rather than pg_restore. That way you're guaranteed to have data and only data. They'd need to dump their table with a COPY command, but that's pretty trivial.
-- Craig Ringer -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
