| From: | Jelte Fennema-Nio <me(at)jeltef(dot)nl> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Julien Rouhaud <rjuju123(at)gmail(dot)com>, Artem Gavrilov <artem(dot)gavrilov(at)percona(dot)com>, Tomas Vondra <tomas(at)vondra(dot)me>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Jeff Davis <pgsql(at)j-davis(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Extension security improvement: Add support for extensions with an owned schema |
| Date: | 2025-09-11 13:29:27 |
| Message-ID: | CAGECzQT8Rjo73xJfS-KSouoj09oUSOM6UWhvy0JXXO8+U0qwwQ@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, 11 Sept 2025 at 15:02, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> What the patch does (IIRC) is make it so that dropping the extension
> just cascade-drops the schema.
You recall incorrectly ;) It only does that when you do:
DROP EXTENSION ... CASCADE
Otherwise you get errors like this:
DROP EXTENSION test_ext_owned_schema;
ERROR: cannot drop extension test_ext_owned_schema because other
objects depend on it
DETAIL: function test_owned_schema_defaults.new_owned() depends on
schema test_owned_schema_defaults
> but somebody
> could equally well just install an unrelated extension in the same
> schema and then drop the first extension and, whoops.
To be clear, that could only happen when that unrelated extension does
not have owned_schema=true. Because creating such an extension
requires the schema to not exist yet. (And even then as explained
above the accidental drop only happens when the user uses CASCADE.)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kouber Saparev | 2025-09-11 13:35:01 | Re: BF mamba failure |
| Previous Message | Robert Haas | 2025-09-11 13:14:24 | Re: Making type Datum be 8 bytes everywhere |