> On 25 Jun 2022, at 03:08, Hannu Krosing <hannuk(at)google(dot)com> wrote: > > Currently the file system access is controlled via being a SUPREUSER
My 2 cents. Ongoing work on making superuser access unneeded seems much more relevant to me. IMO superuser == full OS access available from postgres process. I think there's uncountable set of ways to affect OS from superuser. E.g. you can create a TOAST value compressed by pglz that allows you to look few kilobytes before detoasted datum. Or make an archive_command = 'gcc my shell code'. It's not even funny to invent things that you can hack as a superuser.