| From: | Marko Tiikkaja <marko(at)joh(dot)to> |
|---|---|
| To: | Joel Jacobson <joel(at)compiler(dot)org> |
| Cc: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: security_definer_search_path GUC |
| Date: | 2021-06-02 16:36:39 |
| Message-ID: | CAL9smLBj4YjXWxf4Ngz3e7WhwdGX0B0WkH8n_he8gB9KEkr0BQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jun 2, 2021 at 3:46 PM Joel Jacobson <joel(at)compiler(dot)org> wrote:
> If a database object is to be accessed unqualified by all users, isn't the
> 'public' schema a perfect fit for it? How will it be helpful to create
> different database objects in different schemas, if also adding all such
> schemas to the search_path so they can be accessed unqualified? In such a
> scenario you risk unintentionally creating conflicting objects, and
> whatever schema happened to be first in the search_path will be resolved.
> Seems insecure and messy to me.
>
Heh. This is actually exactly what I wanted to do.
The use case is: version upgrades. I want to be able to have a search_path
of something like 'pg_catalog, compat, public'. That way we can provide
compatibility versions of newer functions in the "compat" schema, which get
taken over by pg_catalog when running on a newer version. That way all the
compatibility crap is clearly separated from the stuff that should be in
"public".
.m
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2021-06-02 16:38:53 | Re: pg_stat_progress_create_index vs. parallel index builds |
| Previous Message | John Naylor | 2021-06-02 16:26:41 | speed up verifying UTF-8 |