| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: What's the point of allow_system_table_mods? |
| Date: | 2019-05-10 19:16:13 |
| Message-ID: | 20190510191613.wvqh4bjp32wiyukh@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 2019-05-10 19:51:10 +0100, Andrew Gierth wrote:
> >>>>> "Andres" == Andres Freund <andres(at)anarazel(dot)de> writes:
>
> Andres> Why is it so much more dangerous? I've seen plenty of corrupted
> Andres> clusters due to people doing DML against the catalogs. I'm OK
> Andres> with adding separate GUCs for both, if we want to do that, but
> Andres> I do think we shouldn't allow updating the catalogs wthout
> Andres> having having the superuser explicitly opt into that.
>
> Be aware that a nonzero number of extensions (postgis especially) do
> catalog DML in their install or update scripts. While you might well
> think they shouldn't do that, in practice there is usually no viable
> alternative.
Sure, but if it's a SUSET GUC that'd not be a huge problem, would it?
They'd need to locally set it, which, sure. But it'd also be a good way
to signal such things to readers.
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2019-05-10 19:19:26 | Re: What's the point of allow_system_table_mods? |
| Previous Message | Tom Lane | 2019-05-10 19:00:18 | Re: What's the point of allow_system_table_mods? |