Home > mailing lists

Re: Extension security improvement: Add support for extensions with an owned schema - Mailing list pgsql-hackers

From	David E. Wheeler
Subject	Re: Extension security improvement: Add support for extensions with an owned schema
Date	June 20 20:00:41
Msg-id	3E54748A-81CA-49E8-983C-5BFA04486948@justatheory.com Whole thread Raw
In response to	Re: Extension security improvement: Add support for extensions with an owned schema (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

On Jun 19, 2024, at 11:28, Robert Haas <robertmhaas@gmail.com> wrote:

> But I wonder if there might also be another possible approach: could
> we, somehow, prevent object references in extension scripts from
> resolving to anything other than the system catalogs and the contents
> of that extension? Perhaps with a control file setting to specify a
> list of trusted extensions which we're also allowed to reference?

It would also have to allow access to other extensions it depends upon.

D

pgsql-hackers by date:

From: "David G. Johnston"
Date: 20 June, 19:11:16
Subject: Re: ON ERROR in json_query and the like

From: "David E. Wheeler"
Date: 20 June, 20:02:36
Subject: Re: Extension security improvement: Add support for extensions with an owned schema

Re: Extension security improvement: Add support for extensions with an owned schema - Mailing list pgsql-hackers

Previous

Next