|From:||Oskari Saarenmaa <os(at)ohmu(dot)fi>|
|To:||Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr>, Andres Freund <andres(at)2ndquadrant(dot)com>|
|Cc:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Oliver Charles <ollie(at)ocharles(dot)org(dot)uk>, pgsql-hackers(at)postgresql(dot)org|
|Subject:||Re: Configurable location for extension .control files|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
10.06.2013, 17:51, Dimitri Fontaine kirjoitti:
> Andres Freund <andres(at)2ndquadrant(dot)com> writes:
>>> In any case, no packager is going to ship an insecure-by-default
>>> configuration, which is what Dimitri seems to be fantasizing would
>>> happen. It would have to be local option to relax the permissions
>>> on the directory, no matter where it is.
>> *I* don't want that at all. All I'd like to have is a postgresql.conf
>> option specifying additional locations.
> Same from me. I think I would even take non-plural location.
Here's a patch to allow overriding extension installation directory.
The patch allows superusers to change it at runtime, but we could also
restrict it to postgresql.conf if needed. I don't really see a point in
restricting it (or not implementing the option at all) as the superuser
can already load custom C code and sql from anywhere in the filesystem;
not having configurable extension directory just makes it harder to test
extensions and to create private clusters of PG data in a custom
location without using custom binaries.
I don't think anyone should be packaging and shipping PG with
extension_directory set, but we really should allow it for superusers
and postgresql.conf so people can test extensions without hacks like
|Next Message||Stephen Frost||2015-02-17 22:44:51||Re: Odd behavior of updatable security barrier views on foreign tables|
|Previous Message||Robert Haas||2015-02-17 22:11:26||Re: Sequence Access Method WIP|