| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Bell John <jbelllinux(at)yahoo(dot)com> |
| Cc: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: lo_<commands> and SU privs |
| Date: | 2001-10-15 19:30:42 |
| Message-ID: | Pine.LNX.4.30.0110152105240.631-100000@peter.localdomain |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Bell John writes:
> You must have Postgres superuser privilege to use
> server-side lo_import. Anyone can use the client-side
> lo_import provided by libpq.
>
> Is there any way to disable this behaviour
No.
> or to give a user the priviliges that are being looked for?
I believe it said something about superuser, no? ;-)
> This effectively cripples the vast majority of programmatic interfaces
> to PostgreSQL ie. all those that are more than wrappers around libpq.
I think you might have a misunderstanding what is going on here. You are
trying to use the server-side lo_import() function, which reads from the
server's file system. That is a) a security hole, and b) mostly useless.
What you want is the lo_import function libpq or the equivalent in the
other interfaces. If the interface in question doesn't have it, then
perhaps the interface should be fixed, but that is hard to judge without
knowing the details.
--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2001-10-15 19:31:14 | Re: Postmaster re-start problem |
| Previous Message | Peter Eisentraut | 2001-10-15 19:29:54 | Re: lztext |