Forum OpenACS Development: Requiring PG super user privs: Friend or Foe?

I just noticed that, because of the changes in bulk-loading of data to speed things up, we now require PG super user privileges.

The bootstrap installer needs to do a COPY from a file to load ref-timezones data, which means the user has to be a PG super user.

There is a security issue there (I believe) because if your OpenACS install is somehow cracked into, the aolserver user can wreak havoc on all of the databases.

The other problem is that for a hosting facility wanting to host several OpenACS installs, they probably won't want to give everyone PG super user status.

The alternative to using the copy from file would be to use psql's \copy instead, which is available to anyone (at least that's what the error message I got during installation told me).

Thoughts?

-Roberto

Posted by Malte Sussdorff on
At the very least we should provide an alternative to the current setup. If psql \copy works, perfect. Otherwise make an insert, if copy does not work.

The whole check, whether COPY works or whether we need to use a different method, should be handled without user intervention. And as we might think about using COPY in other places as well, it would be good if there is a function for this in OpenACS.
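
The approach discussed in this thread, as an added example that is not part of the original posts or of OpenACS itself: a POSIX shell helper that loads a data file through psql's client-side \copy, so the connecting role needs only INSERT privilege on the table, and that warns when the role is a superuser. The function names and the database, table and file arguments are hypothetical.

```shell
#!/bin/sh
# Added example. Hypothetical names: role_is_superuser, load_ref_data,
# and the database/table/file arguments passed to them.

# Prints "t" when the connecting role is a PostgreSQL superuser, else "f".
role_is_superuser() {
    psql -At -d "$1" -c "SELECT rolsuper FROM pg_roles WHERE rolname = current_user"
}

# load_ref_data DB TABLE FILE
# Loads FILE with psql's client-side \copy: psql reads the file and streams it
# to the server, so the role needs INSERT on TABLE, not superuser rights.
load_ref_data() {
    db=$1 table=$2 file=$3

    # Both values are interpolated into the \copy command, so restrict them.
    case $table in
        ''|*[!A-Za-z0-9_]*) printf 'refusing table name: %s\n' "$table" >&2; return 2 ;;
    esac
    case $file in
        *\'*|*\\*) printf 'refusing file name: %s\n' "$file" >&2; return 2 ;;
    esac
    [ -r "$file" ] || { printf 'cannot read %s\n' "$file" >&2; return 2; }

    # The check runs without user intervention; superuser is reported, not needed.
    if [ "$(role_is_superuser "$db")" = t ]; then
        echo "warning: role is a PG superuser; a compromised application" \
             "account could reach every database in the cluster" >&2
    fi

    psql -d "$db" -v ON_ERROR_STOP=1 -c "\\copy $table FROM '$file'"
}

# Usage: load_ref_data openacs timezones /path/to/timezones.dat
```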