Search Postgresql Archives

Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes:
> On Tue, Aug 24, 2021 at 8:51 PM Li EF Zhang <bjzhangl@xxxxxxxxxx> wrote:
>> Thanks for your answer. My doubt is that since an ordinary user creates
>> the extension, shouldn't be this user the owner of the objects created
>> within the extension?

> While that is a possible implementation choice, that isn't what was chosen.

Let's be clear here: that is not some random implementor's decision.
That is *necessary*, else the feature is completely insecure.

The example given at the top of the thread isn't especially
security-relevant, but there are a lot of other possible ALTER commands
that are.  For example, an ordinary user granted ownership of a
"C"-language function can easily modify it in a way that allows her to
gain full control of the installation.  So we cannot implement trusted
extensions by allowing the user requesting the install to own the
individual objects within the extension.

			regards, tom lane





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux