On Wed, Apr 18, 2012 at 7:54 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> However, ignoring that issue for the moment, this patch is making me
> uncomfortable. I have a vague recollection that we deliberately omitted
> ALTER EXTENSION OWNER because of security or definitional worries.
> (Dimitri, does that ring any bells?) I wonder whether we should insist
> that the new owner be a superuser, as the original owner must have been.
Don't we have non-superuser extensions, that can be installed with
just DBA privileges?
Anyhow, it seems a bit nannyish, unless I'm missing something. If the
current owner is a superuser and s/he wants to give the object to a
non-superuser, you can't really stop them. They can just make the
target user a superuser, give 'em the object, and make them not a
superuser, all in one transaction no less.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
