Re: Allowing to create LEAKPROOF functions to non-superuser

From: Andrey Borodin <x4mmm(at)yandex-team(dot)ru>
To: Tomas Vondra <tomas(dot)vondra(at)enterprisedb(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Allowing to create LEAKPROOF functions to non-superuser
Date: 2021-04-12 20:59:53
Message-ID: 47D69E15-ABDF-47E9-9E8A-AA3143E055DF@yandex-team.ru
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Thanks, Tomas!

> 12 апр. 2021 г., в 23:42, Tomas Vondra <tomas(dot)vondra(at)enterprisedb(dot)com> написал(а):
>
> I guess for the cloud services it's not an issue - they're mostly
> concerned about manageability and restricting access to the OS.
In fact, we would happily give a client access to an OS too. It's a client's VM after all and all software is open source. But it opens a way to attack control plane. Which in turn opens a way for clients to attack each other. And we really do not want it.

Thanks!

Best regards, Andrey Borodin.

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2021-04-12 21:01:47 Re: Allowing to create LEAKPROOF functions to non-superuser
Previous Message Tom Lane 2021-04-12 20:59:19 Curious test case added by collation version tracking patch