Tomas Vondra <tv(at)fuzzy(dot)cz> writes:
> why the libraries loaded using local_preload_libraries need to be placed
> in a different subdirectory than libraries loaded using
> shared_preload_libraries?
Security: it lets the DBA constrain which libraries are loadable this way.
> I do understand that leaving the users to load whatever libraries they
> want is a bad idea, but when the library is loaded from postgresql.conf
> it should be safe.
We don't have a mechanism that would allow different limitations to be
placed on a GUC variable depending on where the value came from.
To do what you're proposing would require restricting
local_preload_libraries to be superuser-only, which would be a net
decrease in functionality.
regards, tom lane