| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, Andreas Pflug <pgadmin(at)pse-consulting(dot)de>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Dave Page <dpage(at)vale-housing(dot)co(dot)uk>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: For review: Server instrumentation patch |
| Date: | 2005-07-24 22:12:52 |
| Message-ID: | 14783.1122243172@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> It could be argued that there should be provision for a limitation on
> the locations in which COPY can write (and maybe read) files.
> If COPY is a security hole then we should close it, not use that as
> precedent to open another hole.
Yeah. It's worth pointing out in this connection that server-side
COPY is already pretty well crippled if you are running under SELinux,
because the security policy constrains what parts of the filesystem
the daemon can reach at all. I've already been thinking seriously
of proposing that the regression tests be converted to use only
\copy and not COPY, because it's difficult to run them against an
installed server on Fedora 4, and it may be impossible in the near
future.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2005-07-24 22:18:56 | Re: More buildfarm stuff |
| Previous Message | Andrew Dunstan | 2005-07-24 20:59:45 | Re: For review: Server instrumentation patch |