
Authenticated Arbitrary Command Execution on PostgreSQL 9.3-11.2 - bjoko
https://medium.com/greenwolf-security/authenticated-arbitrary-command-execution-on-postgresql-9-3-latest-cd18945914d5
======
oskari
The "copy from program" feature allows executing a program by design, and is
pretty self documenting at that.

There are various other ways you can access the system outside PG once you're
a superuser which is why most hosted PG providers (like us) don't allow
superuser access.

