| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Floris Van Nee <florisvannee(at)optiver(dot)com>, Kirill Reshke <reshke(at)double(dot)cloud>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: pg_init_privs corruption. |
| Date: | 2023-04-13 16:15:16 |
| Message-ID: | CA+TgmobwwVWZOt50ehu9vAY=en=p4weAe-+K3fYcmSMZdsxfag@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Feb 17, 2023 at 3:38 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Floris Van Nee <florisvannee(at)Optiver(dot)com> writes:
> > This is as far as I can see the same case as what I reported a few years ago here: https://www.postgresql.org/message-id/flat/1574068566573.13088%40Optiver.com#488bd647ce6f5d2c92764673a7c58289
> > There was a discussion with some options, but no fix back then.
>
> Hmm, so Stephen was opining that the extension's objects shouldn't
> have gotten these privs attached in the first place. I'm not
> quite convinced about that one way or the other, but if you buy it
> then maybe this situation is unreachable once we fix that. I'm
> not sure though. It's still clear that we are making ACL entries
> that aren't reflected in pg_shdepend, and that seems bad.
Yep. I think you have the right idea how to fix this. Making extension
creation somehow not subject to the same rules about default
privileges as everything else doesn't seem like either a good idea or
a real fix for this problem.
--
Robert Haas
EDB: http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jonathan S. Katz | 2023-04-13 16:16:38 | Re: Should we remove vacuum_defer_cleanup_age? |
| Previous Message | Robert Haas | 2023-04-13 16:01:59 | Re: Partial aggregates pushdown |