Re: About "ERROR: must be *superuser* to COPY to or from a file"

From: "John D(dot) Burger" <john(at)mitre(dot)org>
To: Greg Stark <gsstark(at)mit(dot)edu>
Cc: Postgresql-General <pgsql-general(at)postgresql(dot)org>
Subject: Re: About "ERROR: must be *superuser* to COPY to or from a file"
Date: 2005-08-29 03:10:02
Message-ID: 1485292af0b2c75064d5ee609b7fdd77@mitre.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

>> Well, they would have access to every world readable file on the
>> system, ie /etc, /usr, /lib, ... most files are world readable.
>> There's
>> a lot of discussion about this, yet no-one has demonstrated that COPY
>> FROM STDIN isn't just as good and avoids all the issues entirely.
>
> Well they're world-readable. So, uh, huh?

I haven't completely followed the details of this, but I took the point
to be that the files might be readable for anyone with a real account
on the server machine, but that doesn't mean they should be accessible
to every remote DB user.

- John Burger
MITRE

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Jamie Deppeler 2005-08-29 03:45:32 Re: stack depth limit exceeded
Previous Message Tom Lane 2005-08-29 02:42:38 Re: stack depth limit exceeded