| From: | Jelte Fennema-Nio <me(at)jeltef(dot)nl> |
|---|---|
| To: | Julien Rouhaud <rjuju123(at)gmail(dot)com> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Artem Gavrilov <artem(dot)gavrilov(at)percona(dot)com>, Tomas Vondra <tomas(at)vondra(dot)me>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Jeff Davis <pgsql(at)j-davis(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Extension security improvement: Add support for extensions with an owned schema |
| Date: | 2025-09-02 07:37:31 |
| Message-ID: | CAGECzQS9JqWv+zJR-e-1JMH7GhCnLc4vD9H-uEui8E5Ba9Trpw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, 2 Sept 2025 at 02:03, Julien Rouhaud <rjuju123(at)gmail(dot)com> wrote:
> One not too uncommon scenario is an extension in a dedicated schema that creates additional objects dynamically, for instance creating new partitions using triggers on one of the extension table.
Interesting. I didn't know there were extensions that did that. That
definitely doesn't seem like a very common pattern though.
But I don't think that's a problem for this idea. In the
implementation I'm working on, superuser would still be allowed to
create objects in such locked down owned schemas. So as long as the
extension upgrades its permissions to superuser during these DDLs it
should still be fine. (easy to do with SECURITY DEFINER or by
temporarily changing permissions from C)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Yura Sokolov | 2025-09-02 07:37:59 | Re: LISTEN/NOTIFY bug: VACUUM sets frozenxid past a xid in async queue |
| Previous Message | Yugo Nagata | 2025-09-02 07:33:41 | Re: Allow to collect statistics on virtual generated columns |