=?windows-1250?Q?Thorsten_Sch=F6ning?= <tschoening@xxxxxxxxxx> writes:
> Guten Tag Tom Lane,
> am Sonntag, 19. Juli 2020 um 20:37 schrieben Sie:
>> It's a security thing. A user who can create such a cast can thereby
>> change the behavior of other people's queries.
> I'm not sure what your are telling me: Can CASTs only be created by
> superusers? I didn't read that in the docs.
The CREATE CAST man page says
To be able to create a cast, you must own the source or the target
data type and have USAGE privilege on the other type.
Right after that it says
To create a binary-coercible cast, you must be superuser. (This
restriction is made because an erroneous binary-coercible cast
conversion can easily crash the server.)
but that is *not* what's at issue in your case.
> If they are not only created by superusers, how can I restore CASTs to
> a database owned by some other user?
In this case, you have to restore the cast as superuser, because nobody
else is going to be treated as owning these built-in types.
> Even if there was, I don't see why CASTs should be handled differently
> than all other objects successfully restored to have a new owner, when
> CASTs seem to be per database as well.
The restriction is there primarily because casts don't have names in any
normal sense, so users might invoke them without realizing it. There's
no way to protect yourself against that by, say, using a restricted
search_path.
regards, tom lane
