From: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> |
---|---|
To: | depesz(at)depesz(dot)com |
Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
Subject: | Re: pg_read_server_files doesn't let me use pg_ls_dir() or pg_read_file? |
Date: | 2023-03-15 02:10:11 |
Message-ID: | 20230315.111011.205480166041302286.horikyota.ntt@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
At Tue, 14 Mar 2023 20:33:10 +0100, hubert depesz lubaczewski <depesz(at)depesz(dot)com> wrote in
> Hi,
> Tested it now on built today Pg 16devel, straight from repo.
>
> In docs (https://www.postgresql.org/docs/current/functions-admin.html#FUNCTIONS-ADMIN-GENFILE), I found:
> > The functions shown in Table 9.99 provide native access to files on
> > the machine hosting the server. Only files within the database cluster
> > directory and the log_directory can be accessed, unless the user is
> > a superuser or is granted the role pg_read_server_files. Use
> > a relative path for files in the cluster directory, and a path
> > matching the log_directory configuration setting for log files.
>
> which I understand that if I'll grant pg_read_server_files to some user,
> then this user should be able to use the generic file access functions.
> $ select * from pg_ls_dir('.');
> ERROR: permission denied for function pg_ls_dir
"GRANT EXECUTE ON FUNCTION pg_ls_dir(text) TO test" might work for you.
The doc section you are referring to also describes that on a
per-function basis like this.
> This function is restricted to superusers by default, but other
> users can be granted EXECUTE to run the function.
regards.
--
Kyotaro Horiguchi
NTT Open Source Software Center
From | Date | Subject | |
---|---|---|---|
Next Message | PG Bug reporting form | 2023-03-15 09:08:18 | BUG #17844: Memory consumption for memoize node |
Previous Message | Thiago Nunes | 2023-03-15 02:02:37 | Re: BUG #17839: Heap-buffer overflow on float8_to_char with invalid template |