On 8/24/21 7:40 AM, David G. Johnston wrote:
> On Fri, Aug 20, 2021 at 6:26 AM Tom Lane <tgl@sss.pgh.pa.us
> <mailto:tgl@sss.pgh.pa.us>> wrote:
>
> "Li EF Zhang" <bjzhangl@cn.ibm.com <mailto:bjzhangl@cn.ibm.com>> writes:
> > Since pg13 support trusted extension, so I changed control file
> of bloom and make it trusted.
>
> The fact that you can edit the file that way doesn't make it a supported
> case.
>
>
> Why does that matter here though? This isn't a question about a
> security violation, it's one about the basic premise that a trusted
> extension is owned by the creating user and thus can be dropped by
> them. During installation, a trusted user is permitted to perform
> superuser actions by virtue of the trusted flag. Since they are allowed
> to drop their own extension it is at least plausible to assume that upon
> doing so the dropping would be done as a superuser as well. That this
> is not the case doesn't seem to be documented nor, going from the commit
> message for the feature, does it seem intentional.
To me the issue is that the extension was modified to trusted by an end
user not the extension author. I gotta believe there is more to the
trusted then a flag in the control file. It would not be surprising to
me that an ad hoc modification would fail.
>
> David J.
>
--
Adrian Klaver
adrian.klaver@aklaver.com
