From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Dhanaraj(dot)M(at)Sun(dot)COM, pgsql-patches(at)postgresql(dot)org |
Subject: | Re: Patch for - Allow server logs to be remotely read |
Date: | 2006-06-08 14:28:02 |
Message-ID: | 200606081428.k58ES2422479@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
Tom Lane wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > Is that wrong? Yes. Looking at the C file, I see what you mean. Let
> > me update the README.adminpack file. read_file is already in the
> > backend code, and was in 8.1.X too.
>
> I wonder if we should take pg_read_file (and the rest of genfile.c)
> back out of the backend and stick them into contrib/adminpack. The
> argument for having them in the backend was always pretty weak to me.
> In particular, a DBA who doesn't want them in his system for security
> reasons has no simple way to get rid of them if they're in core, but
> not installing a contrib module is easy enough.
I thought about that but what we have in the backend now is read-only
which basically could be done using COPY, so I don't see any security
value to moving them out. They are super-user only just like COPY.
--
Bruce Momjian http://candle.pha.pa.us
EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2006-06-08 14:36:38 | Re: Patch for - Allow server logs to be remotely read |
Previous Message | Tom Lane | 2006-06-08 14:17:07 | Re: Patch for - Allow server logs to be remotely read |