Andreas Pflug <[EMAIL PROTECTED]> writes: >> This patch looks good. The only question I have is why you >> didn't want the pgport rename/unlink calls?
> Because I wanted the standard platform behaviour of both. For backend > storage subsystem purposes, it's certainly necessary to emulate *ix > behaviour of deleting a file in use, but for generic file access IMHO > the generic behaviour should be exposed. I'm going to repeat my firm opposition to this patch. Under the innocuous-sounding banner of "server instrumentation", you are once again trying to put in generic file access capabilities that will allow remote Postgres superusers full access to the server filesystem. The potential security risks of this are obvious to anyone. The only justification that has been offered is "this will make remote administration easier". Well, yeah, but it will make remote breakins easier too. Valuing ease of use over security is the philosophy that got Microsoft into the mess they're in now --- do we want to follow that precedent? The use-case for this seems to be to substitute for having local login privileges on the server machine. Well, if the sysadmins of that machine refuse to give you manual login privileges, they probably have good reasons for it, and will not be very happy to see an end-run around their restriction in the form of the database giving you remote filesystem access. I would have no problem with this patch as an optional add-on (eg, a contrib module), so that individual installations could decide whether they want to take the incremental security risk. In that form it's basically equivalent to deciding you want to install an untrusted PL language. We don't install those by default and we shouldn't install generic filesystem access by default either. If we accept this patch I foresee security-conscious admins starting to question whether they should allow Postgres to be installed at all on their systems. We don't need that kind of impediment to acceptance. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings