Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wZB2d-000pcy-2O for pgsql-hackers@arkaria.postgresql.org; Mon, 15 Jun 2026 17:24:07 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wZB1b-00CtiM-1a for pgsql-hackers@arkaria.postgresql.org; Mon, 15 Jun 2026 17:23:03 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wZB1b-00CtiE-0j for pgsql-hackers@lists.postgresql.org; Mon, 15 Jun 2026 17:23:03 +0000 Received: from sss.pgh.pa.us ([68.162.161.243]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wZB1Z-00000000VsF-3u3O for pgsql-hackers@lists.postgresql.org; Mon, 15 Jun 2026 17:23:02 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.18.1/8.18.1) with ESMTP id 65FHMuCN239324; Mon, 15 Jun 2026 13:22:56 -0400 From: Tom Lane To: =?utf-8?Q?=C3=81lvaro?= Herrera cc: Bertrand Drouvot , Michael Paquier , Chao Li , "L. pgsql-hackers" , Fujii Masao , Peter Eisentraut , Jeff Davis , Ashutosh Bapat , Amit Kapila Subject: Re: Fix unqualified catalog references in psql describe queries In-reply-to: References: Comments: In-reply-to =?utf-8?Q?=C3=81lvaro?= Herrera message dated "Mon, 15 Jun 2026 19:08:22 +0200" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <239322.1781544176.1@sss.pgh.pa.us> Date: Mon, 15 Jun 2026 13:22:56 -0400 Message-ID: <239323.1781544176@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk =?utf-8?Q?=C3=81lvaro?= Herrera writes: > My proposal would be that all operators, both system-defined as well as > user-defined, live in a single namespace -- not that we forbid them from > being created. Exactly how does that improve anyone's life? It will certainly not improve query security, rather the reverse. You could no longer put less-trusted stuff into a schema that's not in your search_path. Yes, it would stop people from creating operators that are exact duplicates of system operators, but those are not the problem: user-defined operators like that are already masked by the lookup rules, assuming that pg_catalog is searched first as is the normal case. The thing that is dangerous is a user-defined operator that is made to capture cases that lack an exact system-operator match (say, varchar = text). AFAICS your proposal puts those on exactly the same footing as system-defined operators, and there is no recourse. regards, tom lane