Re: pg_execute_from_file, patch v10

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Itagaki Takahiro <itagaki.takahiro@gmail.com>
Cc: Robert Haas <robertmhaas@gmail.com>, Dimitri Fontaine <dimitri@2ndquadrant.fr>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2010-12-14T03:47:45Z
Lists: pgsql-hackers
Itagaki Takahiro <itagaki.takahiro@gmail.com> writes:
> On Tue, Dec 14, 2010 at 12:02, Robert Haas <robertmhaas@gmail.com> wrote:
>> As Tom says, this is clearly not going to fly on security grounds.

> If it's a security hole, lo_import() should be also a hole
> because we can use lo_import() and SELECT * FROM pg_largeobject
> for the same purpose...

lo_import is superuser-only.  If we design this feature so that it will
forever have to be superuser-only, to get a behavior that I think we
don't even *want*, I believe we're making a serious error.

			regards, tom lane