Re: [PATCH] COPY .. COMPRESSED

Stephen Frost <sfrost@snowman.net>

From: Stephen Frost <sfrost@snowman.net>
To: Claudio Freire <klaussfreire@gmail.com>
Cc: Simon Riggs <simon@2ndquadrant.com>, Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL-Dev <pgsql-hackers@postgresql.org>
Date: 2013-01-14T16:24:52Z
Lists: pgsql-hackers
* Claudio Freire (klaussfreire@gmail.com) wrote:
> On Mon, Jan 14, 2013 at 1:01 PM, Stephen Frost <sfrost@snowman.net> wrote:
> > I do like the idea of a generalized answer which just runs a
> > user-provided command on the server but that's always going to require
> > superuser privileges.
> 
> Unless it's one of a set of superuser-authorized compression tools.

Which would require a new ACL system for handling that, as I mentioned..
That certainly isn't what the existing patch does.

What would that look like?  How would it operate?  How would a user
invoke it or even know what options are available?  Would we provide
anything by default?  It's great to consider that possibility but
there's a lot of details involved.

I'm a bit nervous about having a generalized system which can run
anything on the system when called by a superuser but when called by a
regular user we're on the hook to verify the request against a
superuser-provided list and to then make sure nothing goes wrong.

	Thanks,

		Stephen