Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions

On Tue, 11 Jun 2024 at 11:54, Ashutosh Sharma <ashu.coek88@gmail.com> wrote:
> 1) Extends the CREATE EXTENSION command to support a new option, SET
> SEARCH_PATH.


I don't think it makes sense to add such an option to CREATE EXTENSION.
I feel like such a thing should be part of the extension control file
instead. That way the extension author controls the search path, not
the person that installs the extension.