"korryd@enterprisedb.com" <korryd@enterprisedb.com> writes:
>>> (there is no UNLOAD statement, is there?).
>>
>> What we actually have at the moment is that you can LOAD a library
>> again, which causes an unload of the prior version and then loading the
>> new.
> Right, but you still end up with a plugin loaded afterwards so no crash
> (of course you could do something stupid like load a new plugin with the
> same name that isn't really a plugin).
That is only true given careful design and implementation of the
hooks. Right now for instance I think it's possible to crash the
backend by doing "LOAD 'plpgsql'" multiple times, because it hooks
into CallXactCallbacks and doesn't unhook. (Now that we have PG_fini
it should be possible to fix that...) Doesn't seem to crash
on the HPUX machine I just tried it on, but maybe HPUX is weird and
doesn't actually remove the old library from the address space?
Anyway I disagree with your proposal to let unprivileged users re-LOAD
random libraries. If they've not been modified to have clean unload
semantics this isn't safe.
regards, tom lane