| From: | Jelte Fennema-Nio <postgres(at)jeltef(dot)nl> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | "David E(dot) Wheeler" <david(at)justatheory(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, walther(at)technowledgy(dot)de, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Christoph Berg <myon(at)debian(dot)org> |
| Subject: | Re: RFC: Additional Directory for Extensions |
| Date: | 2024-06-24 21:23:41 |
| Message-ID: | CAGECzQTq7kEiQ95R2Ms1w2Axg+D5LgJrNuxtcP7VbE2f-53tqA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, 24 Jun 2024 at 18:11, Nathan Bossart <nathandbossart(at)gmail(dot)com> wrote:
> At first glance, the general idea seems reasonable to me. I'm wondering
> whether there is a requirement for this directory to be prepended or if it
> could be appended to the end. That way, the existing ones would take
> priority, which might be desirable from a security standpoint.
Citus does ship with some override library for pgoutput to make
logical replication/CDC work correctly with sharded tables. Right now
using this override library requires changing dynamic_library_path. It
would be nice if that wasn't necessary. But this is obviously a small
thing. And I definitely agree that there's a security angle to this as
well, but honestly that seems rather small too. If an attacker can put
shared libraries into the extension_destdir, I'm pretty sure you've
lost already, no matter if extension_destdir is prepended or appended
to the existing $libdir.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David E. Wheeler | 2024-06-24 21:31:53 | Re: RFC: Additional Directory for Extensions |
| Previous Message | Jelte Fennema-Nio | 2024-06-24 21:17:14 | Re: RFC: Additional Directory for Extensions |