> On 06/13/2012 12:45 PM, Chris Travers wrote:
>>
>> On Tue, Jun 12, 2012 at 11:47 AM, John R Pierce <
[hidden email]>
>> wrote:
>>>
>>> On 06/12/12 11:25 AM, leaf_yxj wrote:
>>>>
>>>> Thanks. You guys are right. I check the database. The C programm is
>>>> there.
>>>> ----- but why our application team keep ask me to give them the
>>>> superuser
>>>> privileges to create the C function. Should they use the superuser to
>>>> create
>>>> the C function. if yes , why they need it?
>>>
>>>
>>> yes, only a sql superuser can define a C function, as these have total
>>> access to crashing postgres's innards.
>>>
>> Not just the innards, but the file system (could be used to overwrite
>> data files), arbitrary system commands, etc......
>
> Hopefully not arbitrary system commands, in that I really hope nobody's nuts
> enough to run PostgreSQL as root or with write access to its own binaries.
> The data files are fair game, though, and replacement/modification of
> commands is probably possible in weaker installations.