Re: lo_ and SU privs
От | Peter Eisentraut |
---|---|
Тема | Re: lo_ |
Дата | |
Msg-id | Pine.LNX.4.30.0110152105240.631-100000@peter.localdomain обсуждение исходный текст |
Ответ на |
lo_ |
Список | pgsql-general |
Bell John writes: > You must have Postgres superuser privilege to use > server-side lo_import. Anyone can use the client-side > lo_import provided by libpq. > > Is there any way to disable this behaviour No. > or to give a user the priviliges that are being looked for? I believe it said something about superuser, no? ;-) > This effectively cripples the vast majority of programmatic interfaces > to PostgreSQL ie. all those that are more than wrappers around libpq. I think you might have a misunderstanding what is going on here. You are trying to use the server-side lo_import() function, which reads from the server's file system. That is a) a security hole, and b) mostly useless. What you want is the lo_import function libpq or the equivalent in the other interfaces. If the interface in question doesn't have it, then perhaps the interface should be fixed, but that is hard to judge without knowing the details. -- Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
В списке pgsql-general по дате отправления: