'Re: Make bloom extension trusted, but can not drop with normal user'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postgresql-general
Subject:    Re: Make bloom extension trusted, but can not drop with normal user
From:       "David G. Johnston" <david.g.johnston () gmail ! com>
Date:       2021-08-24 15:37:36
Message-ID: CAKFQuwaEiW0QbDHS0qxmGRcqZQw6O_ieV-14CWY1QG2k0zaWBw () mail ! gmail ! com
[Download RAW message or body]

On Tue, Aug 24, 2021 at 8:17 AM Adrian Klaver <adrian.klaver@aklaver.com>
wrote:

> 
> To me the issue is that the extension was modified to trusted by an end
> user not the extension author. I gotta believe there is more to the
> trusted then a flag in the control file. It would not be surprising to
> me that an ad hoc modification would fail.
> 
> 
If the expected behavior here is that an ordinary user can drop a trusted
extension then I do not see how this error could present itself since, just
like extension creation, all the flag does is allow the user to become a
superuser for purposes of installing (or removing) the extension objects.
Per Tom, the pre-v14 drop behavior is indeed a bug.  It is not going to be
back-patched, nor has the documentation been updated to say that DROP
EXTENSION is effectively prevented due to the existence of this bug (if you
really need superuser to install the extension it seems reasonable it
requires the same to drop it).

Per an adjacent thread [1] this has apparently been fixed in v14 at [2] -
but if so (not tested it myself) then it seems like an unexpected
side-effect since that particular commit seems like a pure refactoring.

David J.

[1]
https://www.postgresql.org/message-id/CAA3qoJkW4VzN4ixt-%3Du%3DtY1Di9YrzJNAhrxKdNhtQMJp2iD0Cg%40mail.gmail.com
 [2]
https://github.com/postgres/postgres/commit/b1d32d3e3230f00b5baba08f75b4f665c7d6dac6


[Attachment #3 (text/html)]

<div dir="ltr"><div dir="ltr"><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif"><span \
style="font-family:Arial,Helvetica,sans-serif">On Tue, Aug 24, 2021 at 8:17 AM Adrian \
Klaver &lt;<a href="mailto:adrian.klaver@aklaver.com" \
target="_blank">adrian.klaver@aklaver.com</a>&gt; wrote:</span><br></div></div><div \
class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br> To me the issue \
is that the extension was modified to trusted by an end <br> user not the extension \
author. I gotta believe there is more to the <br> trusted then a flag in the control \
file. It would not be surprising to <br> me that an ad hoc modification would \
fail.<br><br></blockquote><div><br></div><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif">If the expected behavior here is that \
an ordinary user can drop a trusted extension then I do not see how this error could \
present itself since, just like extension creation, all the flag does is allow the \
user to become a superuser for purposes of installing (or removing) the extension \
objects.   Per Tom, the pre-v14 drop behavior is indeed a bug.   It is not going to \
be back-patched, nor has the documentation been updated to say that DROP EXTENSION is \
effectively  prevented due to the existence of this bug (if you really need superuser \
to install the extension it seems reasonable it requires the same to drop \
it).</div><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif">Per an adjacent thread [1] this has \
apparently been fixed in v14 at [2] - but if so (not tested it myself) then it seems \
like an unexpected side-effect since that particular commit seems like a pure \
refactoring.</div><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" \
style="font-family:arial,helvetica,sans-serif">David J.</div><div \
class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div \
class="gmail_default" style="font-family:arial,helvetica,sans-serif">[1] <a \
href="https://www.postgresql.org/message-id/CAA3qoJkW4VzN4ixt-%3Du%3DtY1Di9YrzJNAhrxKd \
NhtQMJp2iD0Cg%40mail.gmail.com">https://www.postgresql.org/message-id/CAA3qoJkW4VzN4ixt-%3Du%3DtY1Di9YrzJNAhrxKdNhtQMJp2iD0Cg%40mail.gmail.com</a><br></div><div \
class="gmail_default" style="font-family:arial,helvetica,sans-serif">[2] <a \
href="https://github.com/postgres/postgres/commit/b1d32d3e3230f00b5baba08f75b4f665c7d6 \
dac6">https://github.com/postgres/postgres/commit/b1d32d3e3230f00b5baba08f75b4f665c7d6dac6</a><br></div></div></div>




[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic