On 20/12/2020 21:05, David Fetter wrote:
We have plenty of ways to spawn shells and cause havoc, and we wouldn't be able to block them all even if we decided to put a bunch of pretty onerous restrictions on psql at this very late date. We have \set, backticks, \!, and bunches of things less obvious that could, even without a compromised server, cause real mischief.
There is a big difference between having to trust the server or not. Yeah, you could cause a lot of mischief if you let a user run arbitrary psql scripts on your behalf. But that's no excuse for opening up a whole another class of problems.
- Heikki