"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes: > I'll admit these have been infrequent since resolving CVE 2018-1058, but I > still disagree with the decision to not give the DBA an option on whether > to leave public in their search_path during a pg_dump and pg_restore. Yeah, I was never for that decision either. Anybody who's sufficiently hot about it could try submitting a patch and see what happens. I'm not quite sure how the option should work, but maybe call it --use-unsafe-path and define it as adopting the same search_path setting seen at dump time? Or maybe better to provide a restore-time option saying "use this search_path"? It needs some thought, not just quick-n-dirty code. regards, tom lane
