Michael Paquier <michael@paquier.xyz> writes:
> On Thu, Feb 28, 2019 at 10:52:52PM -0500, Tom Lane wrote:
>> If you're suggesting that we disable that security restriction
>> during extension creation, I really can't see how that'd be a
>> good thing ...
> No, I don't mean that. I was just wondering if someone can set
> search_path within the SQL script which includes the extension
> contents to bypass the restriction and the error. They can always
> prefix such objects with pg_temp anyway if need be...
You'd have to look in namespace.c to be sure, but I *think* that
we don't consult the temp schema during function/operator lookup
even if it's explicitly listed in search_path.
It might be possible for an extension script to get around this with
code like, say,
CREATE TRIGGER ... EXECUTE PROCEDURE @extschema@.myfunc();
although you'd have to give up relocatability of the extension
to use @extschema@. (Maybe it was a bad idea to not provide
that symbol in relocatable extensions? A usage like this doesn't
prevent the extension from being relocated later.)
regards, tom lane
