On 2025-Feb-03, Vladlen Popolitov wrote: > You use FORMAT option to add new formats, filling it with routine name > in shared library. As result any caller can call any routine in PostgreSQL > kernel. > I think, it will start competition, who can find most dangerous routine > to call just from COPY FROM command.
Hah. Maybe it would be a better UI to require that COPY format handlers are registered explicitly before they can be used: CREATE ACCESS METHOD copy_yaml TYPE copy HANDLER copy_yaml_handler; ... and then when the FORMAT is not recognized as one of the hardcoded methods, we go look in pg_am for one with amtype='c' and the given name. That gives you the function that initializes the Copy state. This is convenient enough because system administrators can add COPY formats that anyone can use, and doesn't allow to call arbitrary functions via COPY. -- Álvaro Herrera 48°01'N 7°57'E — https://www.EnterpriseDB.com/ "I can't go to a restaurant and order food because I keep looking at the fonts on the menu. Five minutes later I realize that it's also talking about food" (Donald Knuth)
