Re: Directory/File Access Permissions for COPY and Generic File Access Functions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Brightwell, Adam" <adam(dot)brightwell(at)crunchydatasolutions(dot)com>
Cc: PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Directory/File Access Permissions for COPY and Generic File Access Functions
Date: 2014-10-16 03:34:22
Message-ID: 27818.1413430462@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

"Brightwell, Adam" <adam(dot)brightwell(at)crunchydatasolutions(dot)com> writes:
> The attached patch for review implements a directory permission system that
> allows for providing a directory read/write capability to directories for
> COPY TO/FROM and Generic File Access Functions to non-superusers.

TBH, this sounds like it's adding a lot of mechanism and *significant*
risk of unforeseen security issues in order to solve a problem that we
do not need to solve. The field demand for such a feature is just about
indistinguishable from zero.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Fujii Masao 2014-10-16 04:25:59 CREATE POLICY and RETURNING
Previous Message Brightwell, Adam 2014-10-16 03:21:34 Directory/File Access Permissions for COPY and Generic File Access Functions