| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Wolfgang Walther <walther(at)technowledgy(dot)de>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Christoph Berg <myon(at)debian(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Nazir Bilal Yavuz <byavuz81(at)gmail(dot)com>, Antonin Houska <ah(at)cybertec(dot)at> |
| Subject: | Re: [PoC] Federated Authn/z with OAUTHBEARER |
| Date: | 2025-04-08 16:43:01 |
| Message-ID: | CAOYmi+noNW-39C2LXOqymdxSHuWSkOYy=RwqZo3t_ppGS6650A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Apr 8, 2025 at 9:33 AM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> On Tue, Apr 8, 2025 at 09:17:03AM -0700, Jacob Champion wrote:
> > It allows packagers to ship the OAuth library separately, so end users
> > that don't want the additional exposure don't have to install it at
> > all.
>
> Okay, so how would they do that? I understand how that would happen if
> it was an external extension, but how if it is under /src or /contrib.
By adding the new .so to a different package. For example, RPM specs
would just let you say "hey, this .so I just built doesn't go into the
main client package, it goes into an add-on that depends on the client
package." It's the same way separate client and server packages get
generated from the same single build of Postgres.
> Would we have to put out minor releases for curl CVEs?
In general, no.
Thanks,
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2025-04-08 16:44:41 | Re: Enhancing Memory Context Statistics Reporting |
| Previous Message | Daniel Gustafsson | 2025-04-08 16:42:19 | Re: [PoC] Federated Authn/z with OAUTHBEARER |