<div class="socmaildefaultfont" dir="ltr" style="font-family:Arial, Helvetica, sans-serif;font-size:10pt" ><div dir="ltr" >Got it! Thank you all very much!</div>
<div dir="ltr" > </div>
<blockquote data-history-content-modified="1" dir="ltr" style="border-left:solid #aaaaaa 2px; margin-left:5px; padding-left:5px; direction:ltr; margin-right:0px" >----- Original message -----<br>From: "David G. Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com><br>To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us><br>Cc: "Li EF Zhang" <bjzhangl(at)cn(dot)ibm(dot)com>, "Laurenz Albe" <laurenz(dot)albe(at)cybertec(dot)at>, "pgsql-generallists.postgresql.org" <pgsql-general(at)lists(dot)postgresql(dot)org><br>Subject: [EXTERNAL] Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int<br>Date: Wed, Aug 25, 2021 1:29 PM<br> <br>
<div dir="ltr" ><div dir="ltr" ><div style="font-family:arial,helvetica,sans-serif" ><span style="font-family:Arial,Helvetica,sans-serif" >On Tue, Aug 24, 2021 at 9:20 PM Tom Lane <<a href="mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us" target="_blank" >tgl(at)sss(dot)pgh(dot)pa(dot)us</a>> wrote:</span></div></div>
<div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" >"David G. Johnston" <<a href="mailto:david(dot)g(dot)johnston(at)gmail(dot)com" target="_blank" >david(dot)g(dot)johnston(at)gmail(dot)com</a>> writes:<br>> On Tue, Aug 24, 2021 at 8:51 PM Li EF Zhang <<a href="mailto:bjzhangl(at)cn(dot)ibm(dot)com" target="_blank" >bjzhangl(at)cn(dot)ibm(dot)com</a>> wrote:<br>>> Thanks for your answer. My doubt is that since an ordinary user creates<br>>> the extension, shouldn't be this user the owner of the objects created<br>>> within the extension?<br><br>> While that is a possible implementation choice, that isn't what was chosen.<br><br>Let's be clear here: that is not some random implementor's decision.<br>That is *necessary*, else the feature is completely insecure.<br> </blockquote>
<div> </div>
<div style="font-family:arial,helvetica,sans-serif" >Fair. Additionally, an extension that wishes for ordinary users to perform limited configuration can always supply a security definer function to facilitate such a change. Though I'm unsure how/if it would go about arranging role permissions without requiring a superuser.</div>
<div style="font-family:arial,helvetica,sans-serif" > </div>
<div style="font-family:arial,helvetica,sans-serif" >David J.</div>
<div style="font-family:arial,helvetica,sans-serif" > </div></div></div></blockquote>
<div dir="ltr" > </div></div><BR>
<BR>