Security seems to be an interesting question for this. The current patch simply takes a wildcard, and evaluates it every time it is needed. Is that the correct approach? The advantage is that when a new directory matching the pattern appears, it is automatically detected... but that's also the disadvantage.
Wouldn't it be better to freeze the current list of matching directories on configuration load, and require pg_reload_conf to add the newly matching patterns? With possibly additional helper functions that show what the patterns currently match compared to what's loaded by the active configuration? That's more complex, but could limit surprises. Should it require ownership/permission checks on the pattern parts somehow, or some other limitation? Also, while glob symbols are unlikely in filenames, they can be valid. Can backward compatibility be a possible concern, or accidental glob patterns from old configurations? For example a "/pg[18]/" directory would have a different meaning before/after. + glob_status = glob(mangled, GLOB_BRACE | GLOB_ERR, NULL, &globres I think GLOB_BRACE isn't POSIX? Based on a quick search it isn't available on Solaris, for example.
