Re: Bug #6593, extensions, and proposed new patch policy
| От | Robert Haas |
|---|---|
| Тема | Re: Bug #6593, extensions, and proposed new patch policy |
| Дата | |
| Msg-id | CA+TgmobTu8FgiSYDNb1UwintKyTvqhHK3PEDHj0VNVx1Cd+7-w@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Bug #6593, extensions, and proposed new patch policy (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Bug #6593, extensions, and proposed new patch policy
|
| Список | pgsql-hackers |
On Wed, Apr 18, 2012 at 7:54 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > However, ignoring that issue for the moment, this patch is making me > uncomfortable. I have a vague recollection that we deliberately omitted > ALTER EXTENSION OWNER because of security or definitional worries. > (Dimitri, does that ring any bells?) I wonder whether we should insist > that the new owner be a superuser, as the original owner must have been. Don't we have non-superuser extensions, that can be installed with just DBA privileges? Anyhow, it seems a bit nannyish, unless I'm missing something. If the current owner is a superuser and s/he wants to give the object to a non-superuser, you can't really stop them. They can just make the target user a superuser, give 'em the object, and make them not a superuser, all in one transaction no less. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: