Re: Extension pg_trgm, permissions and pg_dump order
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Noah Misch <noah@leadboat.com>, Färber, Franz-Josef (StMUK) <Franz-Josef.Faerber@stmuk.bayern.de>, PostgreSQL mailing lists <pgsql-bugs@lists.postgresql.org>
Date: 2022-05-27T19:32:37Z
Lists: pgsql-bugs, pgsql-general
Robert Haas <robertmhaas@gmail.com> writes: > On Fri, May 27, 2022 at 2:53 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: >> From the security perspective it may be just fine. Nonetheless, >> we need to un-break pg_dump; it's not optional for that to work. > That's pretty obvious. What's not obvious - at least to me - is > whether the kinds of changes that Noah is proposing to make here have > the effect of putting back the security vulnerability that the > original commit was intended to fix. Yeah, that is the problematic part of this. I'm not sure about that either, and we'll need to look at it closely. regards, tom lane
Commits
-
CREATE INDEX: use the original userid for more ACL checks.
- 88b39e61486a 10.22 landed
- 6d49cc28613b 11.17 landed
- 93731d549e15 12.12 landed
- 8782ce49e4d0 13.8 landed
- ace9973867c2 14.5 landed
- 00377b9a02b8 15.0 landed