Got it! Thank you all very much!
----- Original message -----
From: "David G. Johnston" <david.g.johnston@xxxxxxxxx>
To: "Tom Lane" <tgl@xxxxxxxxxxxxx>
Cc: "Li EF Zhang" <bjzhangl@xxxxxxxxxx>, "Laurenz Albe" <laurenz.albe@xxxxxxxxxxx>, "pgsql-generallists.postgresql.org" <pgsql-general@xxxxxxxxxxxxxxxxxxxx>
Subject: [EXTERNAL] Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int
Date: Wed, Aug 25, 2021 1:29 PM
On Tue, Aug 24, 2021 at 9:20 PM Tom Lane <tgl@xxxxxxxxxxxxx> wrote:"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes:
> On Tue, Aug 24, 2021 at 8:51 PM Li EF Zhang <bjzhangl@xxxxxxxxxx> wrote:
>> Thanks for your answer. My doubt is that since an ordinary user creates
>> the extension, shouldn't be this user the owner of the objects created
>> within the extension?
> While that is a possible implementation choice, that isn't what was chosen.
Let's be clear here: that is not some random implementor's decision.
That is *necessary*, else the feature is completely insecure.
Fair. Additionally, an extension that wishes for ordinary users to perform limited configuration can always supply a security definer function to facilitate such a change. Though I'm unsure how/if it would go about arranging role permissions without requiring a superuser.David J.
