| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Petr Jelinek <petr(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Additional role attributes && superuser review |
| Date: | 2014-10-16 13:59:36 |
| Message-ID: | 6607.1413467976@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Petr Jelinek (petr(at)2ndquadrant(dot)com) wrote:
>> Yeah it will, mainly because extensions can load modules and can
>> have untrusted functions, we might want to limit which extensions
>> are possible to create without being superuser.
> The extension has to be available on the filesystem before it can be
> created, of course. I'm not against providing some kind of whitelist or
> similar which a superuser could control.. That's similar to how PLs
> work wrt pltemplate, no?
The existing behavior is "you can create an extension if you can execute
all the commands contained in its script". I'm not sure that messing
with that rule is a good idea; in any case it seems well out of scope
for this patch.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-10-16 14:02:38 | Re: Additional role attributes && superuser review |
| Previous Message | Robert Haas | 2014-10-16 13:59:26 | Re: WIP: dynahash replacement for buffer table |