From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Marking some contrib modules as trusted extensions |
Date: | 2020-01-29 20:29:19 |
Message-ID: | 20200129202919.GA8446@alvherre.pgsql |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2020-Jan-29, Tom Lane wrote:
> Not sure what I think about these:
>
> bloom (are these useful in production?)
> btree_gin
> btree_gist
> pgrowlocks (seems safe, but are there security issues?)
> spi/autoinc (I doubt that these four are production grade)
> spi/insert_username
> spi/moddatetime
> spi/refint
> sslinfo (seems safe, but are there security issues?)
> xml2 (nominally safe, but deprecated, and libxml2
> has been a fertile source of security issues)
Of these, btree_gist is definitely useful from a user perspective,
because it enables creation of certain exclusion constraints.
I've never heard of anyone using bloom indexes in production. I'd
argue that if the feature is useful, then we should turn it into a
core-included index AM with regular WAL logging for improved
performance, and add a stripped-down version to src/test/modules to
cover the WAL-log testing needs. Maybe exposing it more, as promoting
it as a trusted extension would do, would help find more use cases for
it.
> Also, how should we document this, if we do it? Add a boilerplate
> sentence to each module's description about whether it is trusted
> or not? Put a table up at the front of Appendxix F? Both?
If it were possible to do both from a single source of truth, that would
be great. Failing that, I'd just list it in each module's section.
--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Soumyadeep Chakraborty | 2020-01-29 20:30:47 | Re: Default JIT setting in V12 |
Previous Message | Alvaro Herrera | 2020-01-29 20:04:01 | parens cleanup |