Re: import/export of large objects on server-side

From Klaus Reger
Subject Re: import/export of large objects on server-side
Date
Msg-id 61010.193.158.34.193.1005926533.squirrel@emailbox24.de
In reply to Re: import/export of large objects on server-side  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: import/export of large objects on server-side  (Karel Zak <zakkr@zf.jcu.cz>)
List pgsql-hackers
> "Klaus Reger" <K.Reger@twc.de> writes:
>> I've made a patch that introduces an entry in the PostgreSQL-config
>> file. You can set a directory, where all imports/exports can happen.
>> If nothing is set (the default), no imports/exports on the server-side
>> are allowed. To enhance the security, no reading/writing is allowed
>> from/to non-regular files (block-devs, symlinks, etc.)
>
> This is trivially defeatable, assuming that the "import/export"
> directory is world writable (if it isn't, importing will be tough).
...
> While you could patch around these particular attacks by further
> restricting the filenames, the bottom line is that server-side LO
> operations are just inherently insecure.
>
>             regards, tom lane

Ok, you're right, but is it acceptable to configure this using the
configfile, rather than with a compile-option?

Regards, Klaus