On 2020-10-31 17:35, Noah Misch wrote:
> Overall, that's 3.2 votes for (b)(3)(X) and 0.0 to 1.0 votes for changing
> nothing. That suffices to proceed with (b)(3)(X). However, given the few
> votes and the conspicuous non-responses, work in this area has a high risk of
> failure. Hence, I will place it at a low-priority position in my queue.
My vote would also be (b)(3)(X). Allowing the database owner to manage
the public schema within their database makes a lot of sense,
independent of any overarching goals.
I'm not convinced, however, that this would would really move the needle
in terms of the general security-uneasiness about the public schema and
search paths. AFAICT, in any of your proposals, the default would still
be to have the public schema world-writable and in the path.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
