Re: Fwd: Unprivileged user can induce crash by using an SUSET param in PGOPTIONS

Nathan Bossart <nathandbossart@gmail.com> writes:
> +    StartTransactionCommand();
>      process_session_preload_libraries();
> +    CommitTransactionCommand();

Yeah, that way would avoid any questions about changing the order of
operations, but it seems like a mighty expensive solution: it's
adding a transaction to each backend start on the off chance that
(a) session_preload_libraries/local_preload_libraries is nonempty and
(b) the loaded libraries are going to do anything where it'd matter.
So that's why I thought of moving the call inside a pre-existing
transaction.

If we had to back-patch this into any released versions, I'd agree with
taking the performance hit in order to reduce the chance of side-effects.
But I think as long as we only have to do it in v15, it's not too late to
possibly cause some compatibility issues for extensions.

            regards, tom lane