Re: Disable executing external commands from psql?

From: Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: Disable executing external commands from psql?
Date: 2010-06-02 03:36:15
Message-ID: 4C05D1AF.1010106@gmail.com
Lists: pgsql-general


> psql is really, really meant to be run
> on the client side.
I appreciate that, but the people I'm targeting are just not going to
have psql on their systems.

> No, you missed the point: those functions, as well as others, are
> useless unless psql is running inside a filesystem that the user has
> (easy) read/write access to.
Maybe I'm missing something (or haven't explained). The users would
definitely have access to the filesystems. Setting my login shell to
psql or lobotomizing the \! function wouldn't change that.

But even going beyond that, I love the psql program. I really, really
do. I use it all the time, and would choose it over a GUI or other
means of access any day. I wouldn't want to live without \!, or PAGER,
or lots of other nifty stuff. But for the use cases I'm envisioning,
those are all useless frills (or if not useless, of secondary or
tertiary significance). There's still a lot you can do with psql even
without those commands, and I don't see why that should be considered an
invalid use case.

Thanks for listening, and cheers,

Ken

On 06/01/2010 08:22 PM, Tom Lane wrote:
> Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> writes:
>
>>> You will for example be making it awfully difficult for them to use
>>> \copy, \i, \e, \g, the list goes on.
>>>
>
>> I'm not really eager to go down this path, but nonetheless it's not
>> obvious to me why giving psql a lobotomy (or hopefully a careful
>> surgical tweak) to disable the "\!" functionality would impact all those
>> other functions.
>>
> No, you missed the point: those functions, as well as others, are
> useless unless psql is running inside a filesystem that the user has
> (easy) read/write access to. psql is really, really meant to be run
> on the client side.
>
> regards, tom lane
>

--
-------------------------------------------------------
AGENCY Software
For nonprofits that want to take control of their data

Use it. Like it. Share it. Build it. Buy it.
http://agency-software.org
-------------------------------------------------------
