| From: | Doug Bloebaum <blabes(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: About "ERROR: must be *superuser* to COPY to or from a file" |
| Date: | 2005-08-31 12:58:52 |
| Message-ID: | caa2de8a05083105584f975849@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jim Nasby asked:
What do people think about the Oracle method where bulk data operations
> can only occur in a specified directory? Making that restriction might
> address some of the security concerns. I don't think we should change
> COPY in such a way that you *have* to use a specified directory, but if
> it was an option that helped with the security concerns...
Oracle's new (well, since 9i) DIRECTORY object (see
http://download-west.oracle.com/docs/cd/B14117_01/server.101/b10759/statements_5007.htm#sthref4678)
has proven itself to be a flexible approach for me.
A privileged account creates the DIRECTORY object like so:
CREATE OR REPLACE DIRECTORY my_dir AS '/var/tmp/my_dir';
and then grants access to it:
GRANT READ ON my_dir to db_username;
I'd envision the COPY command using the DIRECTORY object something like:
COPY my_table FROM my_dir:'file.txt';
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Sabino Mullane | 2005-08-31 13:19:00 | Re: How do I copy part of table from db1 to db2 (and rename the columns)? |
| Previous Message | Tino Wildenhain | 2005-08-31 12:47:18 | Re: How do I copy part of table from db1 to db2 (and |