From: | victor3(dot)lopes(at)voila(dot)fr <victor3(dot)lopes(at)voila(dot)fr> |
---|---|
To: | rmunn <rmunn(at)pobox(dot)com> |
Cc: | pgsql-interfaces(at)postgresql(dot)org |
Subject: | Re: TR: Re: TR: interface PERL and return results |
Date: | 2002-10-11 22:36:37 |
Message-ID: | H3U9H1$01B06C91FCC754BFF0439A1737D29C10@voila.fr |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-interfaces |
Ok I understands better maintaining this constraint.
This is why I would use the first method across <STDIN> functionnality :-)
Thank you with all the people during this wire to have helped me in this investigation :-)
Victor
* From: rmunn(at)pobox(dot)com
* To: "victor3(dot)lopes(at)voila(dot)fr" <victor3(dot)lopes(at)voila(dot)fr>
* Subject: Re: TR: Re: TR: interface PERL and return results
* Date: Fri, 11 Oct 2002 09:22:46 -0500
> Yes, the reason for this is security reasons. If anyone could read from
> any file, then it would be easy to read, say, '/etc/passwd' into a
> database table. And if anyone could write to any file, you might be able
> to clobber important security files like /etc/passwd, or just do a
> denial-of-service attack by writing gigabytes and gigabytes until the
> disk fills up.
>
> Anytime you give direct access to the hard disk, in any way at all, to a
> user connecting from the Web, you have created a LOT of security
> problems. That's why file access is limited only to the postgres
> superuser. It's better not to allow file access from the web AT ALL, but
> if you really must, then you can use the postgres superuser -- but be
> certain that you know what you're doing.
>
> --
> Robin Munn
>rmunn(at)pobox(dot)com
> Attachment: pgp00003.pgp
> Description: PGP signature
------------------------------------------
Faites un voeu et puis Voila ! www.voila.fr
From | Date | Subject | |
---|---|---|---|
Next Message | John Joseph Bachir | 2002-10-13 21:14:02 | what versino of perl |
Previous Message | Jean-Luc Lachance | 2002-10-11 14:31:50 | Re: TR: Re: TR: interface PERL and return results |