From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
Cc: | Regina Obe <lr(at)pcorp(dot)us>, strk(at)kbt(dot)io, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [PATCH] Support % wildcard in extension upgrade filenames |
Date: | 2022-05-28 15:26:05 |
Message-ID: | 6181DA3F-B24A-4313-A0C2-F05D690AA726@yesql.se |
Lists: | pgsql-hackers |
> On 28 May 2022, at 16:50, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> wrote:
> I don't think this idea is fundamentally wrong, but I have two worries:
>
> 1. It would be a good idea to make sure that there is not both
> "extension--%--2.0.sql" and "extension--1.0--2.0.sql" present.
> Otherwise the behavior might be indeterministic.
>
> 2. What if you have a "postgis--%--3.3.sql", and somebody tries to upgrade
> their PostGIS 1.1 installation with it? Would that work?
> Having a lower bound for a matching version might be a good idea,
> although I have no idea how to do that.
Following that reasoning, couldn't a rogue actor inject a fake file (perhaps
bundled with another innocent looking extension) which takes precedence in
wildcard matching?
--
Daniel Gustafsson https://vmware.com/
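
An added example, not part of the original message or of the patch under discussion: a Python check for the overlap raised in point 1 above, run over a list of filenames from an extension script directory. The function names and the sample listing are constructed for illustration; the check only reports the overlap and assumes nothing about which file the patch would prefer.

```python
from collections import defaultdict

WILDCARD = "%"  # wildcard source version, as written in the thread's examples


def parse_upgrade_script(filename):
    """Return (extension, from_version, to_version), or None if not an upgrade script."""
    if not filename.endswith(".sql"):
        return None
    parts = filename[:-len(".sql")].split("--")
    # Install scripts have two parts (name--version); upgrade scripts have three.
    if len(parts) != 3 or not all(parts):
        return None
    return tuple(parts)


def find_overlaps(filenames):
    """Map (extension, to_version) -> sorted filenames when a wildcard script
    coexists with explicit scripts for the same target version."""
    by_target = defaultdict(list)
    for name in filenames:
        parsed = parse_upgrade_script(name)
        if parsed:
            ext, src, dst = parsed
            by_target[(ext, dst)].append((src, name))
    overlaps = {}
    for target, scripts in by_target.items():
        sources = {src for src, _ in scripts}
        if WILDCARD in sources and len(sources) > 1:
            overlaps[target] = sorted(name for _, name in scripts)
    return overlaps


# Constructed directory listing for illustration.
SAMPLE = [
    "extension--1.0.sql",
    "extension--1.0--2.0.sql",
    "extension--%--2.0.sql",
    "postgis--%--3.3.sql",
    "postgis--3.3.sql",
    "other--1.0--1.1.sql",
    "README.txt",
]

if __name__ == "__main__":
    for (ext, dst), names in find_overlaps(SAMPLE).items():
        print(f"{ext} -> {dst}: ambiguous upgrade scripts: {', '.join(names)}")
```

A filename-only check like this cannot tell which package installed a given script, so the bundled-file scenario raised in the reply would additionally need package ownership data for the script directory.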