Re: BUG #1830: Non-super-user must be able to copy from a

"Oliver Jowett" <oliver(at)opencloud(dot)com>
wrote:43052755(dot)7000003(at)opencloud(dot)com(dot)(dot)(dot)
> Bernard wrote:
>
>> The majority of JDBC users trying to bulk load tables would not want
>> to send the data through their connection. This connection is designed
>> to send commands and to transfer only as much data as necessary and as
>> little as possible.
>
> I don't understand why this is true at all -- for example, our
> application currently does bulk INSERTs over a JDBC connection, and
> moving to COPY has been an option I looked at in the past. Importing
> lots of data from a remote machine is hardly an uncommon case.

When exporting and importing data from other data sources, there maybe
many rows to be moved. In this special case, should COPY be faster than
INSERTs? Have pgsql-jdbc supported COPY?

If I read correctly, what Bernard want is COPY from/to server-side files.
That is actually a security risk for non-superuser. They may read or
overwrite
any files can read/write by postgres server process.

>
>> The need is only created by the limitations of the Postgres COPY
>> command.
>>
>> I can't see why a workaround should be developed instead of or before
>> fixing the COPY command.
>>
>> It works in other DB engines.
>
> I guess that other DB engines don't care about unprivileged DB users
> reading any file that the backend can access.
>
> -O
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: Don't 'kill -9' the postmaster
>