public inbox for [email protected]
help / color / mirror / Atom feedFrom: Ashutosh Bapat <[email protected]>
To: Robert Haas <[email protected]>
Cc: Jeff Davis <[email protected]>
Cc: Joe Conway <[email protected]>
Cc: [email protected]
Subject: Re: [17] CREATE SUBSCRIPTION ... SERVER
Date: Mon, 4 Sep 2023 18:04:28 +0530
Message-ID: <CAExHW5vf4bg=LGM6HWmmzXEiLEtd2+Q1Ae4aVU6M1Njf7SRYuQ@mail.gmail.com> (raw)
In-Reply-To: <CA+TgmoZ9OB7tGt+1LST=Mv_qC_LOnaqkd1D9FmkrBG1He3JJgg@mail.gmail.com>
References: <[email protected]>
<CAExHW5vv-78ixJs3arsuZ+12A4AyqehJnDPhejp0m4FAKG6JZA@mail.gmail.com>
<[email protected]>
<CAExHW5sAo4Gv3AwuxQNGSQ2Z45B8_MZEb-SG-B8D-hLMdrquAg@mail.gmail.com>
<[email protected]>
<[email protected]>
<[email protected]>
<CA+TgmoZ9OB7tGt+1LST=Mv_qC_LOnaqkd1D9FmkrBG1He3JJgg@mail.gmail.com>
On Sat, Sep 2, 2023 at 1:41 AM Robert Haas <[email protected]> wrote:
>
> On Fri, Sep 1, 2023 at 4:04 PM Jeff Davis <[email protected]> wrote:
> > On Thu, 2023-08-31 at 17:17 -0400, Joe Conway wrote:
> > > Maybe move postgres_fdw to be a first class built in feature instead
> > > of
> > > an extension?
> >
> > That could make sense, but we still have to solve the problem of how to
> > present a built-in FDW.
> >
> > FDWs don't have a schema, so it can't be inside pg_catalog. So we'd
> > need some special logic somewhere to make pg_dump and psql \dew work as
> > expected, and I'm not quite sure what to do there.
>
> I'm worried that an approach based on postgres_fdw would have security
> problems. I think that we don't want postgres_fdw installed in every
> PostgreSQL cluster for security reasons. And I think that the set of
> people who should be permitted to manage connection strings for
> logical replication subscriptions could be different from the set of
> people who are entitled to use postgres_fdw.
If postgres_fdw was the only way to specify a connection to be used
with subscriptions, what you are saying makes sense. But it's not. We
will continue to support current mechanism which doesn't require
postgres_fdw to be installed on every PostgreSQL cluster.
What security problems do you foresee if postgres_fdw is used in
addition to the current mechanism?
--
Best Wishes,
Ashutosh Bapat
view thread (45+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: [17] CREATE SUBSCRIPTION ... SERVER
In-Reply-To: <CAExHW5vf4bg=LGM6HWmmzXEiLEtd2+Q1Ae4aVU6M1Njf7SRYuQ@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox