| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Noah Misch <noah(at)leadboat(dot)com> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| Date: | 2023-06-13 20:23:24 |
| Message-ID: | 1799839.1686687804@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
Noah Misch <noah(at)leadboat(dot)com> writes:
> Best argument for shipping without $SUBJECT: we already have REFERENCES and
> TRIGGER privilege that tend to let the grantee hijack the table owner's
> account. Adding MAINTAIN to the list, while sad, is defensible. I still
> prefer to ship with $SUBJECT, not without.
What I'm concerned about is making such a fundamental semantics change
post-beta1. It'll basically invalidate any application compatibility
testing anybody might have done against beta1. I think this ship has
sailed as far as v16 is concerned, although we could reconsider it
in v17.
Also, I fail to see any connection to the MAINTAIN privilege: the
committed-and-reverted patch would break things whether the user
was making any use of that privilege or not. Thus, I do not accept
the idea that we're fixing something that's new in 16.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2023-06-13 20:55:13 | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| Previous Message | David G. Johnston | 2023-06-13 20:22:01 | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joel Jacobson | 2023-06-13 20:23:57 | Re: Do we want a hashset type? |
| Previous Message | David G. Johnston | 2023-06-13 20:22:01 | Re: pgsql: Fix search_path to a safe value during maintenance operations. |