Re: Removing pg_pltemplate and creating "trustable" extensions
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Stephen Frost <sfrost@snowman.net>,
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-01-10T20:23:48Z
Lists: pgsql-hackers
On Fri, Jan 10, 2020 at 2:40 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: > Well, the other direction we could go here, which I guess is what > you are arguing for, is to forget the new default role and just > say that marking an extension trusted allows it to be installed by > DB owners, full stop. That's nice and simple and creates no > backwards-compatibility issues. If we later decide that we want > a default role, or any other rules about who-can-install, we might > feel like this was a mistake --- but the backwards-compatibility issues > we'd incur by changing it later are exactly the same as what we'd have > today if we do something different from this. The only difference > is that there'd be more extensions affected later (assuming we mark > more things trusted). I agree with your analysis, but I'm still inclined to feel that the new pre-defined roll is a win. Generally, decoupled permissions are better. Being able to grant someone either A or B or both or neither is usually superior to having to grant either both permissions or neither. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
Commits
-
Invent "trusted" extensions, and remove the pg_pltemplate catalog.
- 50fc694e4374 13.0 landed