Tom Lane wrote: > Bruce Momjian <[EMAIL PROTECTED]> writes: > > Agreed it should be relative to the log directory, which may or not be > > under PGDATA, and don't let them go up above it. Is there any downside > > to allowing absolute reads as well because COPY can already read > > absolute files. > > Perhaps not from a security point of view, but I think it would be > rather bizarre for a general-purpose pg_read_file() function to default > to reading from the log directory. From the point of view of having > a consistent API, it'd be better to call the functions something like > pg_read_logdirectory() and pg_read_logfile() and restrict them to the > log directory. If we later decide we want to add a general > pg_read_file() operation, we won't have to contort its operation to > preserve compatibility with the log-fetching case.
OK. There isn't much of value in $PGDATA anyway to read except the config files, which have limited value. I did think a file system walker application written using SQL would be cool, but not if it is going to make us less secure. I don't think it does, but adding the function when no one is asking for it seems backwards. One issue is that the log files might be in /var/log with other server logs. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 7: don't forget to increase your free space map settings