| From: | "Li EF Zhang" <bjzhangl(at)cn(dot)ibm(dot)com> |
|---|---|
| To: | carpenter(dot)nail(dot)cz(at)gmail(dot)com |
| Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | RE: BUG #17157: authorizaiton of dict_int and bloom extention |
| Date: | 2021-08-25 03:48:26 |
| Message-ID: | OFFFA7CB9A.19A28E35-ON0025873C.0014B420-0025873C.0014E9EE@ibm.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
<div class="socmaildefaultfont" dir="ltr" style="font-family:Arial, Helvetica, sans-serif;font-size:10pt" ><div dir="ltr" >Got it! Thanks!</div>
<div dir="ltr" >My question:</div>
<div dir="ltr" >1. If an ordinary user create the extension, my understanding is that the object created in the extension should be the user who create the extension?</div>
<div dir="ltr" >2. Will the fix for bloom be applied on pg13?</div>
<div dir="ltr" > </div>
<div dir="ltr" > </div>
<div dir="ltr" > </div>
<blockquote data-history-content-modified="1" dir="ltr" style="border-left:solid #aaaaaa 2px; margin-left:5px; padding-left:5px; direction:ltr; margin-right:0px" >----- Original message -----<br>From: "Neil Chen" <carpenter(dot)nail(dot)cz(at)gmail(dot)com><br>To: bjzhangl(at)cn(dot)ibm(dot)com, pgsql-bugs(at)lists(dot)postgresql(dot)org<br>Cc:<br>Subject: [EXTERNAL] Re: BUG #17157: authorizaiton of dict_int and bloom extention<br>Date: Tue, Aug 24, 2021 4:38 PM<br> <br>
<div dir="ltr" ><div dir="ltr" > </div>
<div><div dir="ltr" >On Tue, Aug 24, 2021 at 4:19 PM PG Bug reporting form <<a href="mailto:noreply(at)postgresql(dot)org" target="_blank" >noreply(at)postgresql(dot)org</a>> wrote:</div>
<blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" >The following bug has been logged on the website:<br><br>Bug reference: 17157<br>Logged by: Lily Zhang<br>Email address: <a href="mailto:bjzhangl(at)cn(dot)ibm(dot)com" target="_blank" >bjzhangl(at)cn(dot)ibm(dot)com</a><br>PostgreSQL version: 13.3<br>Operating system: os390x<br>Description: <br><br>1. Since dict_int is trusted, we create extension of dict_int with normal<br>user. But when alter maxlen of intdict, it reports error. This is the<br>detail.<br>```<br>admin=> create extension dict_int;<br>CREATE EXTENSION<br>admin=> ALTER TEXT SEARCH DICTIONARY intdict (MAXLEN = 7);<br>ERROR: must be owner of text search dictionary intdict<br>```<br>2. Since pg13 supports trusted extension, we make bloom trusted by changing<br>control file. Everything runs well except drop extension with normal user<br>who creates this extension.<br>```<br>test=> create extension bloom;<br>CREATE EXTENSION<br>test=> drop extension bloom;<br>ERROR: must be superuser to drop access methods<br>```<br> </blockquote></div>
<div> </div>Hi, here are some of my understanding, hope it can help you:
<div> </div>
<div>For (1), if we set an extension "trust", the database will execute the "create" action as a superuser, so the owner of the created object is the superuser. I think this is a "feature", not a "bug".
<div> </div>
<div>For (2), it was already been fixed in commit: <span style="color:rgb(36,41,46);font-family:ui-monospace,SFMono-Regular,"SF Mono",Menlo,Consolas,"Liberation Mono",monospace;font-size:12px;text-align:right;white-space:nowrap" >b1d32d3e3230f00b5baba08f75b4f665c7d6dac6.</span>
<div> </div>--
<div dir="ltr" ><div dir="ltr" >There is no royal road to learning.
<div>HighGo Software Co.</div></div></div></div></div></div></blockquote>
<div dir="ltr" > </div></div><BR>
<BR>
| Attachment | Content-Type | Size |
|---|---|---|
| unknown_filename | text/html | 3.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dilyan Palauzov | 2021-08-25 05:21:42 | No libldap_r in OpenLDAP 2.5 - use LDAP_API_FEATURE_X_OPENLDAP_REENTRANT from ldap_features.h |
| Previous Message | Tom Lane | 2021-08-24 22:16:11 | Re: BUG #17158: Distinct ROW fails with Postgres 14 |