Re: pgsql: Add support for piping COPY to/from an external program.

On 27.02.2013 18:35, Thom Brown wrote:
> On 27 February 2013 16:22, Heikki Linnakangas<heikki.linnakangas@iki.fi>  wrote:
>> Add support for piping COPY to/from an external program.
>>
>> This includes backend "COPY TO/FROM PROGRAM '...'" syntax, and corresponding
>> psql \copy syntax. Like with reading/writing files, the backend version is
>> superuser-only, and in the psql version, the program is run in the client.
>>
>> In the passing, the psql \copy STDIN/STDOUT syntax is subtly changed: if you
>> the stdin/stdout is quoted, it's now interpreted as a filename. For example,
>> "\copy foo from 'stdin'" now reads from a file called 'stdin', not from
>> standard input. Before this, there was no way to specify a filename called
>> stdin, stdout, pstdin or pstdout.
>>
>> This creates a new function in pgport, wait_result_to_str(), which can
>> be used to convert the exit status of a process, as returned by wait(3),
>> to a human-readable string.
>>
>> Etsuro Fujita, reviewed by Amit Kapila.
>
> A minor point:
>
> +    Executing a command with<literal>PROGRAM</literal>  might be restricted
> +    by operating system's access control mechanisms, such as the SELinux.
>
> This doesn't read well.  Could this instead be amended to something more like:
>
> "Executing a command with PROGRAM might be restricted by the operating
> system's access control mechanisms, such as those enforced by
> SELinux."

Hmm, that doesn't feel like an improvement to me. I guess your version
is more accurate, if you think that SELinux provides the access control
mechanism, rather than that SELinux itself is an access control
mechanism. But I don't think such accuracy is important here.

(I note that there is a spurious "the" in my wording, though. Should be
"..., such as SELinux")

- Heikki