"Brad Nicholson" <bradn@xxxxxxxxxx> writes: > First, as a long time user of the pgextwlist extension, I'm happy to see > this functionality appearing in core. However, as a long term user of that > extension, I can say that ability to create an extension as a non-super > user is pretty limited in itself in a lot of cases. Many extensions both > in contrib and external ones (like PostGIS for example) don't give > appropriate permissions to actually use the extension. > Taking postgresql_fdw as an example. I'm confused about your point here. postgresql_fdw has intentionally *not* been marked trusted. That's partly because it doesn't seem like outside-the-database access is something we want to allow by default, but it's also the case that there are inside-the-database permissions issues. So no, we have not solved those, but that is not a shortcoming of the trusted-extensions feature AFAICS. It is not the intent of that feature that you can randomly mark unsafe extensions as trusted and have every one of their permissions safety-checks vanish. regards, tom lane
