"Klaus Reger" <K.Reger@twc.de> writes:
> Ok, you're right, but is it acceptable, to configure this, using the
> configfile, rather than with a compile-option?
The patch as given isn't any more secure than just enabling
ALLOW_DANGEROUS_LO_FUNCTIONS, so I for one will vote against
applying it.
I'm still unconvinced that there's any need to create a server-side LO
import/export loophole. Client-side LO operations are inherently safer,
and that's the direction you should be looking in for a solution.
regards, tom lane