On 2013-09-20 08:06:56 -0400, Robert Haas wrote:
> On Thu, Sep 19, 2013 at 5:54 PM, Andres Freund <andres@2ndquadrant.com> wrote:
> > Because I want to specify multiple paths. E.g. one with modules for a
> > specific postgres version, one for the cluster and one for my
> > development directory.
> > Now we could recursively search a directory that contains symlinks to
> > directories, but that seems ugly.
> I see. My main hesitation is around security. I feel somehow that
> changing a GUC to trojan the system would be easier for a remote user
> to accomplish than having to replace a directory with a symlink.
If they can change a PGC_POSTMASTER GUC, they already can easily enough
do:
shared_preload_libraries='/path/to/my/bad/so.so'
that's already allowed.
Greetings,
Andres Freund
-- Andres Freund http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training &
Services