Re: Add default role 'pg_access_server_files'

Ryan Murphy <ryanfmurphy@gmail.com>

From: Ryan Murphy <ryanfmurphy@gmail.com>
To: pgsql-hackers@postgresql.org
Cc: Stephen Frost <sfrost@snowman.net>
Date: 2018-01-07T06:54:00Z
Lists: pgsql-hackers
(Duplicated to make sure it's in the commitfest Thread, didn't seem to get in there when I replied to the email)

Oops!  I made a mistake, which clearly showed up in my last email: I forgot to psql back in as "tester".

Now I get the right behavior:

    $ psql postgres tester
    postgres=> select pg_read_file('/Users/postgres/temp');
    ERROR:  absolute path not allowed

Thanks for bearing with me.  So far so good on this feature, going to run the tests too.

Best,
Ryan

Commits

  1. Add default roles for file/program access

  2. Remove explicit superuser checks in favor of ACLs

  3. Support new default roles with adminpack