Re: RFC: Additional Directory for Extensions - Mailing list pgsql-hackers

From Daniel Gustafsson
Subject Re: RFC: Additional Directory for Extensions
Date
Msg-id 0D0A98A8-CAB2-4F52-B10A-826C97C41799@yesql.se
Whole thread Raw
In response to Re: RFC: Additional Directory for Extensions  (Alvaro Herrera <alvherre@alvh.no-ip.org>)
List pgsql-hackers
> On 3 Apr 2024, at 09:13, Alvaro Herrera <alvherre@alvh.no-ip.org> wrote:
>
> On 2024-Apr-02, David E. Wheeler wrote:
>
>> That quotation comes from this Debian patch[2] maintained by Christoph
>> Berg. I’d like to formally propose integrating this patch into the
>> core. And not only because it’s overhead for package maintainers like
>> Christoph, but because a number of use cases have emerged since we
>> originally discussed something like this back in 2013[3]:
>
> I support the idea of there being a second location from where to load
> shared libraries

Agreed, the case made upthread that installing an extension breaks the app
signing seems like a compelling reason to do this.

The implementation of this need to make sure the directory is properly set up
however to avoid similar problems that CVE 2019-10211 showed.

--
Daniel Gustafsson




pgsql-hackers by date:

Previous
From: Bertrand Drouvot
Date:
Subject: Re: Introduce XID age and inactive timeout based replication slot invalidation
Next
From: Andy Fan
Date:
Subject: Re: [HACKERS] make async slave to wait for lsn to be replayed