On Thu, Jan 9, 2020 at 2:48 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> I agree that if we dropped the proviso about DB owners, it would be
> a cleaner design. I included that only for backwards compatibility
> with the existing behavior that DB owners can install trusted PLs.
> If we can agree that we're willing to lose that behavior, I'd be
> perfectly fine with removing the special case for DB owners.
> However, I'm unsure whether that compatibility cost is acceptable.
> It's definitely likely that it would cause an upgrade headache
> for some installations.
I was assuming that installing extensions was fairly infrequent and
that it probably gets done mostly by superusers anyway, so probably
most people won't care if, after upgrading, they needed an extra GRANT
to get things working again. That might be wrong, though.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
