Re: Extension pg_trgm, permissions and pg_dump order
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: Noah Misch <noah@leadboat.com>
Cc: Michael Paquier <michael@paquier.xyz>, pgsql-bugs@lists.postgresql.org, Färber, Franz-Josef (StMUK) <Franz-Josef.Faerber@stmuk.bayern.de>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2022-06-21T17:56:16Z
Lists: pgsql-bugs, pgsql-general
On Wed, Jun 15, 2022 at 10:42:18PM -0700, Noah Misch wrote: > -REGRESS = citext citext_utf8 > +REGRESS = create_index_acl citext citext_utf8 It's a little unfortunate that these tests are located within the citext module, but I can't claim to have a better idea. > + * Identify the opclass to use. Use of ddl_userid is necessary due to > + * ACL checks therein. This is safe despite opclasses containing > + * opaque expressions (specifically, functions), because only > + * superusers can define opclasses. It's not clear to me why the fact that only superusers can define opclasses makes this safe. Overall, the patch seems reasonable to me. -- Nathan Bossart Amazon Web Services: https://aws.amazon.com
Commits
-
CREATE INDEX: use the original userid for more ACL checks.
- 88b39e61486a 10.22 landed
- 6d49cc28613b 11.17 landed
- 93731d549e15 12.12 landed
- 8782ce49e4d0 13.8 landed
- ace9973867c2 14.5 landed
- 00377b9a02b8 15.0 landed