public inbox for [email protected]
help / color / mirror / Atom feedFrom: Tom Lane <[email protected]>
To: Jelte Fennema-Nio <[email protected]>
Cc: Robert Haas <[email protected]>
Cc: Michael Banck <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Subject: Re: [PATCH] New predefined role pg_manage_extensions
Date: Fri, 07 Mar 2025 11:23:51 -0500
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAGECzQRjkyiQ9b4vB2UDwppX4T3_SNhjYxMog4jxCSc6PEPKag@mail.gmail.com>
References: <[email protected]>
<CAGECzQQ2HB85N9PjTAdDTpFCciQmpeE2PcXbc8EKhSF=RPi3fA@mail.gmail.com>
<CA+Tgmoa3OA+1T-SBDLkVqgYW1cFSjuSF=L_wh=CJM+k=P+8OAA@mail.gmail.com>
<CAGECzQRjkyiQ9b4vB2UDwppX4T3_SNhjYxMog4jxCSc6PEPKag@mail.gmail.com>
Jelte Fennema-Nio <[email protected]> writes:
> The reason why I walked back my comment was that cloud providers can
> simply choose which extensions they actually add to the image. If an
> extension is marked as not trusted by the author, then with this role
> they can still choose to add it without having to make changes to the
> control file if they think it's "secure enough".
If they think it's "secure enough", they can mark it trusted in their
images. Why do we need anything beyond that?
regards, tom lane
view thread (27+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: [PATCH] New predefined role pg_manage_extensions
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox