On Thu, Nov 9, 2017 at 12:58 PM, Andres Freund <andres(at)anarazel(dot)de> wrote:
> You can already pass arbitrary byteas to heap_page_items(), so I don't
> see how this'd change anything exposure-wise? Or are you thinking that
> users would continually do this with actual page contents and would be
> more likely to hit edge cases than if using pg_read_binary_file() or
> such (which obviously sees an out of date page)?
More the latter. It's not really an increase in terms of security
exposure, but it might lead to more trouble in practice.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company