Tom Lane wrote:
Andrew Dunstan <[EMAIL PROTECTED]> writes:
How about if we do something like this?:
. initdb creates a tmpdir inside the datadir
. a new GUC var called allowed_copy_locations which is a PATH type
string specifying what directories we can copy to/from. This would by
default be "$tmpdir"
Given that COPY to/from a file is already allowed only to superusers,
I'm not sure how effective a GUC variable will be in constraining what
they do with it. We'd have to at least restrict it to SIGHUP, which'd
mean you couldn't change it without the ability to write the config
file.
If we actually had an API for remote config changes, rather than just
allowing file system level access, one might have a category of settings
that could not be set remotely - this would be a prime candidate ;-)
cheers
andrew
---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?
http://archives.postgresql.org
