Álvaro Herrera писал(а) 2025-02-05 18:49:
On 2025-Feb-03, Vladlen Popolitov wrote:
You use FORMAT option to add new formats, filling it with routine name
in shared library. As result any caller can call any routine in
PostgreSQL
kernel.
I think, it will start competition, who can find most dangerous
routine
to call just from COPY FROM command.
Hah.
Maybe it would be a better UI to require that COPY format handlers are
registered explicitly before they can be used:
CREATE ACCESS METHOD copy_yaml TYPE copy HANDLER copy_yaml_handler;
... and then when the FORMAT is not recognized as one of the hardcoded
methods, we go look in pg_am for one with amtype='c' and the given
name.
That gives you the function that initializes the Copy state.
This is convenient enough because system administrators can add COPY
formats that anyone can use, and doesn't allow to call arbitrary
functions via COPY.
Yes! It is what I propose. This looks much safer and already used in
access methods creation.
--
Best regards,
Vladlen Popolitov.
