| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, Andreas Pflug <pgadmin(at)pse-consulting(dot)de>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Dave Page <dpage(at)vale-housing(dot)co(dot)uk>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: For review: Server instrumentation patch |
| Date: | 2005-07-25 01:32:19 |
| Message-ID: | 42E44123.7010601@dunslane.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
>Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
>
>
>>How about if we do something like this?:
>>
>>
>
>
>
>>. initdb creates a tmpdir inside the datadir
>>. a new GUC var called allowed_copy_locations which is a PATH type
>>string specifying what directories we can copy to/from. This would by
>>default be "$tmpdir"
>>
>>
>
>Given that COPY to/from a file is already allowed only to superusers,
>I'm not sure how effective a GUC variable will be in constraining what
>they do with it. We'd have to at least restrict it to SIGHUP, which'd
>mean you couldn't change it without the ability to write the config
>file.
>
>
>
>
If we actually had an API for remote config changes, rather than just
allowing file system level access, one might have a category of settings
that could not be set remotely - this would be a prime candidate ;-)
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-07-25 03:06:50 | Couple of minor buildfarm issues |
| Previous Message | Christopher Kings-Lynne | 2005-07-25 01:31:15 | Re: [HACKERS] Autovacuum loose ends |