| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Craig Ringer <craig(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: untrusted PLs should be GRANTable |
| Date: | 2018-07-19 00:19:58 |
| Message-ID: | 20180719001958.GZ27724@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
* Peter Eisentraut (peter(dot)eisentraut(at)2ndquadrant(dot)com) wrote:
> On 17.07.18 07:20, Craig Ringer wrote:
> > A user has raised the point that our refusal to GRANT rights to
> > untrusted PLs is counterproductive and inconsistent with how we behave
> > elsewhere.
>
> Previous discussion:
> https://www.postgresql.org/message-id/flat/1357905627.24219.6.camel%40vanquo.pezone.net
>
> What caused that to die was "What might actually be a problem in this
> area is that, AFAICT, pg_dump does not save privileges granted to
> objects in extensions." But I think that is fixed/fixable now with
> pg_init_privs.
Yes, that should certainly be fixed now thanks to pg_init_privs. If it
isn't, I'd like to know...
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua D. Drake | 2018-07-19 00:22:06 | Re: Have an encrypted pgpass file |
| Previous Message | Michael Paquier | 2018-07-19 00:07:22 | Re: print_path is missing GatherMerge and CustomScan support |