Tom Lane <tgl@sss.pgh.pa.us> writes:
> Hannu Krosing <hannu@tm.ee> writes:
> >> However, the default behavior of the restricted execution environment
> >> being used allows read-only filesystem access.
>
> > we have 'read-only filesystem access anyhow' :
>
> > pg72b2=# create table hack(row text);
> > CREATE
> > pg72b2=# copy hack from '/home/pg72b2/data/pg_hba.conf' DELIMITERS
> > '\01';
>
> Only if you're superuser, which is exactly the point of the trusted
> vs untrusted function restriction. The plpython problem lets
> non-superusers read any file that the postgres user can read, which
> is not cool.
If a fix is made, will it be backported to the 7.1 branch so vendors
can upgrade their packages if this is necesarry?
--
Trond Eivind Glomsrød
Red Hat, Inc.