Thomas Lockhart <lockhart@alumni.caltech.edu> writes:
>> Meanwhile, database names with single quotes in names don't work very well
>> at all, and because of shell quoting rules this can't be fixed, so I put
>> in error messages to that end.
> That seems to be a bit heavy handed; why bother disallowing things in
> the backend because some (small number of) shell-based tools have
> trouble as clients? I'd prefer filtering that at the client end, and
> allowing capable clients to do whatever they please.
No, you're missing the point: the backend itself uses shell escapes
for some whole-database functions. IIRC, database creation is done with
something likesystem("cp -r base/template1 base/newdb");
So shell metacharacters in database names are Bad News. We need to
put in a filter that will prevent appearances of / | ` etc in DB names.
I assume that's what Peter was doing.
I think we may have some bugs with metacharacters in table names (which
become filenames) as well, but haven't really pushed on it.
> thinking about recoding ACLs as a two-field type to enforce an
> unambigous interpretation of the two fields. Interested??
Seems like a good idea.
regards, tom lane