| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Ronan Dunklau <ronan(dot)dunklau(at)aiven(dot)io> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, pgsql-hackers(at)lists(dot)postgresql(dot)org, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
| Subject: | Re: Converting contrib SQL functions to new style |
| Date: | 2025-01-04 20:14:55 |
| Message-ID: | 692480.1736021695@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I happened to notice that there's more that we can do to harden
contrib modules: the transform modules for hstore and ltree
currently have disclaimers about having to install them in the
same schema as the underlying modules. AFAICS that can be
fixed trivially now, by using the @extschema:name@ mechanism.
In the attached I just modified the 1.0 installation scripts
rather than making update scripts. As for the problem with
earthdistance's CREATE DOMAIN command, there's no way for
an update script to rescue an already-trojaned definition,
and the script change does not affect the results in any
non-compromised case.
(The transform modules for bool and jsonb don't need to be
touched, since those data types are in pg_catalog which
will always be the front of the search path.)
I also noticed some text in extend.sgml that needs to be
updated.
regards, tom lane
| Attachment | Content-Type | Size |
|---|---|---|
| v1-harden-contrib-transform-modules.patch | text/x-diff | 6.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michel Pelletier | 2025-01-04 20:34:40 | Re: Using Expanded Objects other than Arrays from plpgsql |
| Previous Message | Tom Lane | 2025-01-04 19:35:47 | Re: Using Expanded Objects other than Arrays from plpgsql |