* Claudio Freire (klaussfreire(at)gmail(dot)com) wrote:
> On Mon, Jan 14, 2013 at 1:01 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> > I do like the idea of a generalized answer which just runs a
> > user-provided command on the server but that's always going to require
> > superuser privileges.
> Unless it's one of a set of superuser-authorized compression tools.
Which would require a new ACL system for handling that, as I mentioned..
That certainly isn't what the existing patch does.
What would that look like? How would it operate? How would a user
invoke it or even know what options are available? Would we provide
anything by default? It's great to consider that possibility but
there's a lot of details involved.
I'm a bit nervous about having a generalized system which can run
anything on the system when called by a superuser but when called by a
regular user we're on the hook to verify the request against a
superuser-provided list and to then make sure nothing goes wrong.
In response to
pgsql-hackers by date
|Next:||From: Amit kapila||Date: 2013-01-14 16:27:33|
|Subject: Re: Proposal for Allow postgresql.conf values to be
changed via SQL [review]|
|Previous:||From: Peter Geoghegan||Date: 2013-01-14 16:19:42|
|Subject: Re: Timing events WIP v1|