| From: | Álvaro Herrera <alvherre(at)kurilemu(dot)de> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Bertrand Drouvot <bertranddrouvot(dot)pg(at)gmail(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz>, Chao Li <li(dot)evan(dot)chao(at)gmail(dot)com>, "L(dot) pgsql-hackers" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Jeff Davis <pgsql(at)j-davis(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
| Subject: | Re: Fix unqualified catalog references in psql describe queries |
| Date: | 2026-06-15 21:21:07 |
| Message-ID: | ajBrndVqomlY_qK1@alvherre.pgsql |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2026-Jun-15, Tom Lane wrote:
> =?utf-8?Q?=C3=81lvaro?= Herrera <alvherre(at)kurilemu(dot)de> writes:
> > My proposal would be that all operators, both system-defined as well as
> > user-defined, live in a single namespace -- not that we forbid them from
> > being created.
>
> Exactly how does that improve anyone's life? It will certainly not
> improve query security, rather the reverse. You could no longer put
> less-trusted stuff into a schema that's not in your search_path.
I am imagining that only database owners would be able to create
operators. There isn't any case for allowing that for anybody else,
ISTM. How much need is there for "less-trusted" operators, really?
As long as it's not restricted to superusers, there is flexibility
enough.
--
Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Borisov | 2026-06-15 21:36:08 | Re: Add SPLIT PARTITION/MERGE PARTITIONS commands |
| Previous Message | Ilia Evdokimov | 2026-06-15 21:13:42 | Re: Extended statistics improvement: multi-column MCV missing values |