Thread

  1. Re: Extension security improvement: Add support for extensions with an owned schema

    Artem Gavrilov <artem.gavrilov@percona.com> — 2025-07-23T17:12:42Z

    Hello Jelte,
    
    I reviewed your patch. Overall it looks good, I didn't find any problems
    with code. Documentation is in place and clear.
    
    Initial Run
    ===========
    The patch applies cleanly to HEAD (196063d6761). All tests successfully
    pass.
    
    Comments
    ===========
    1) I noticed that pg_dump changes weren't covered with tests.
    
    2) I assume these error messages may be confusing, especially first one:
    
    > -- Fails for an already existing schema to be provided
    > CREATE EXTENSION test_ext_owned_schema SCHEMA test_ext_owned_schema;
    > ERROR:  schema "test_ext_owned_schema" already exists
    > -- Fails because a different schema is set in control file
    > CREATE EXTENSION test_ext_owned_schema SCHEMA test_schema;
    > ERROR:  extension "test_ext_owned_schema" must be installed in schema
    > "test_ext_owned_schema"
    
    
    In both cases it's not clear that the extension requires schema ownership.
    Can hint messages be added there?
    
    -- 
    
    Artem Gavrilov
    
    Senior Software Engineer, Percona
    
    artem.gavrilov@percona.com
    percona.com <http://www.percona.com>