From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Greg Stark <stark(at)mit(dot)edu> |
Cc: | Dimitri Fontaine <dimitri(at)2ndquadrant(dot)fr>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Jeff Davis <pgsql(at)j-davis(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Boszormenyi Zoltan <zb(at)cybertec(dot)at>, Thom Brown <thom(at)linux(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Extension Templates S03E11 |
Date: | 2013-12-02 19:46:58 |
Message-ID: | CA+TgmobL1BnqzEWk1kPkQdHr+5L8otyqO5JPrjoDizps3ixTrA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, Dec 2, 2013 at 2:33 PM, Greg Stark <stark(at)mit(dot)edu> wrote:
> On Mon, Dec 2, 2013 at 6:30 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
>> OK, I'll bite. I've been trying to stay out of this thread, but I
>> really *don't* understand what this patch is about. Extensions, as
>> they exist today, are installed from the filesystem and their contents
>> are not dumped. You're trying to create a new kind of extension which
>> is installed from the system catalogs (instead of the file system) and
>> is dumped. Why should anyone want that?
>>
>> It seems that part of the answer is that people would like to be able
>> to install extensions via libpq. You could almost write a client-side
>> tool for that today just by using adminpack to write the files to the
>> server, but you'd trip over the fact that files written by adminpack
>> must be in either the data directory or the log directory. But we
>> could fix that easily enough.
>
> Just tossing an idea out there. What if you could install an extension
> by specifying not a local file name but a URL. Obviously there's a
> security issue but for example we could allow only https URLs with
> verified domain names that are in a list of approved domain names
> specified by a GUC.
That's a different feature, but I don't see anything preventing
someone from implementing that as an extension, today, without any
core support at all. It would only be usable in cases where the share
directory is writable by the database server (i.e. low-security
installations) and you'd have to make it a function call rather than
piggybacking on CREATE EXTENSION, but neither of those things sound
bad to me. (And if they are bad, they could be addressed by providing
hooks or event triggers, leaving the rest of the functionality in the
extension module.)
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2013-12-02 20:01:25 | Re: Trust intermediate CA for client certificates |
Previous Message | Bruce Momjian | 2013-12-02 19:45:01 | Re: Trust intermediate CA for client certificates |