Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int - Mailing list pgsql-general

From David G. Johnston
Subject Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int
Date
Msg-id CAKFQuwYG8F0SPcOLBLaZmUSzJqdpLabsmpq1H-ymGQ-WSSJTcQ@mail.gmail.com
Whole thread Raw
In response to Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-general
On Tue, Aug 24, 2021 at 9:20 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
"David G. Johnston" <david.g.johnston@gmail.com> writes:
> On Tue, Aug 24, 2021 at 8:51 PM Li EF Zhang <bjzhangl@cn.ibm.com> wrote:
>> Thanks for your answer. My doubt is that since an ordinary user creates
>> the extension, shouldn't be this user the owner of the objects created
>> within the extension?

> While that is a possible implementation choice, that isn't what was chosen.

Let's be clear here: that is not some random implementor's decision.
That is *necessary*, else the feature is completely insecure.


Fair.  Additionally, an extension that wishes for ordinary users to perform limited configuration can always supply a security definer function to facilitate such a change.  Though I'm unsure how/if it would go about arranging role permissions without requiring a superuser.

David J.

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: Can not ALTER TEXT SEARCH DICTIONARY intdict which is default in dict_int
Next
From: Jehan-Guillaume de Rorthais
Date:
Subject: Re: Cluster fencing tool/software for PostgreSQL cluster with streaming replication