Re: [HACKERS] Don't allow relative path for copy from file
On Thu, Aug 16, 2012 at 2:11 AM, Etsuro Fujita fujita.ets...@lab.ntt.co.jp wrote: Agreed. I'd like to withdraw the patch sent in the earlier post, and propose to update the documentation in the COPY reference page. Please find attached a patch. I think this is a good idea, but I didn't like the exact wording you chose, so I committed something a little different. Let me know whether it looks OK. Thanks, -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] Don't allow relative path for copy from file
From: Robert Haas [mailto:robertmh...@gmail.com] On Thu, Aug 16, 2012 at 2:11 AM, Etsuro Fujita fujita.ets...@lab.ntt.co.jp wrote: Agreed. I'd like to withdraw the patch sent in the earlier post, and propose to update the documentation in the COPY reference page. Please find attached a patch. I think this is a good idea, but I didn't like the exact wording you chose, so I committed something a little different. Let me know whether it looks OK. It looks fine to me. Thanks! Best regards, Etsuro Fujita -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] Don't allow relative path for copy from file
From: Tom Lane [mailto:t...@sss.pgh.pa.us] Etsuro Fujita fujita.ets...@lab.ntt.co.jp writes: As described in the reference manual for COPY, we should to check file's path format not to allow relative path. Please find attached a patch. The argument for disallowing writing to a relative path is to make it harder to accidentally overwrite a database file. That argument does not apply to COPY IN, so I'm not convinced we should impose an additional restriction. It's not out of the question that this would break real-world use-cases --- imagine someone whose workflow involves copying data files across a network to a directory accessible to the server (and quite possibly specified by a relative path) and then doing COPY IN. In any case, this patch is missing documentation updates, specifically the paragraph in the COPY reference page that it falsifies. Agreed. I'd like to withdraw the patch sent in the earlier post, and propose to update the documentation in the COPY reference page. Please find attached a patch. Thanks, Best regards, Etsuro Fujita copy_ref_page.patch Description: Binary data -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
[HACKERS] Don't allow relative path for copy from file
As described in the reference manual for COPY, we should to check file's path format not to allow relative path. Please find attached a patch. Thanks, Best regards, Etsuro Fujita copy_from_pathcheck.patch Description: Binary data -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] Don't allow relative path for copy from file
Etsuro Fujita fujita.ets...@lab.ntt.co.jp writes: As described in the reference manual for COPY, we should to check file's path format not to allow relative path. Please find attached a patch. The argument for disallowing writing to a relative path is to make it harder to accidentally overwrite a database file. That argument does not apply to COPY IN, so I'm not convinced we should impose an additional restriction. It's not out of the question that this would break real-world use-cases --- imagine someone whose workflow involves copying data files across a network to a directory accessible to the server (and quite possibly specified by a relative path) and then doing COPY IN. In any case, this patch is missing documentation updates, specifically the paragraph in the COPY reference page that it falsifies. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers