Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1ued1Y-00CbkD-97
	for pgsql-hackers@arkaria.postgresql.org; Wed, 23 Jul 2025 17:13:01 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1ued1X-003YWo-Aq
	for pgsql-hackers@arkaria.postgresql.org; Wed, 23 Jul 2025 17:12:59 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <artem.gavrilov@percona.com>)
	id 1ued1W-003YWg-W4
	for pgsql-hackers@lists.postgresql.org; Wed, 23 Jul 2025 17:12:59 +0000
Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <artem.gavrilov@percona.com>)
	id 1ued1T-000SLE-1d
	for pgsql-hackers@postgresql.org;
	Wed, 23 Jul 2025 17:12:58 +0000
Received: by mail-ej1-x631.google.com with SMTP id
 a640c23a62f3a-aec5a714ae9so7019866b.3
        for <pgsql-hackers@postgresql.org>;
 Wed, 23 Jul 2025 10:12:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=percona.com; s=google; t=1753290774; x=1753895574;
 darn=postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=6pxiAnS/r03zP5GU+TmBqpZZRBSuvH3+jWZNgYsXfHM=;
        b=a+Rc/xVVz4aRkyuYh4TLD4S1RuU4QQ/VUPXdZm8QH52WNLMiaP9p4nyJtXJNeAwJlf
         6mWKfav+pRmiTRcBZPcbjEDTvjq2Km4krgYAqXW+lZ/FdETkkFqiw+pdNOCSMICHbKad
         ZVMB2u7tqpCjhfbRLZniB82qvTrVg6ja5fuWM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1753290774; x=1753895574;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=6pxiAnS/r03zP5GU+TmBqpZZRBSuvH3+jWZNgYsXfHM=;
        b=KprZZ7MeiJ+dOKvWQDdSFMynwWV7MIpzTmU+61ZfrP5uzmxoG1lbSDilg4GjV8TTvB
         KMNaNGS/UF/1NQ9yzlxQVqRrBnlab3+NVP6Ywhvc3IdJzyuBgLU3GAhilKwoKDCJG7mR
         0cU/wGXbVWAc5EI8hUePpcYx0dalOxJEtBSYjL0097oJF4S1wYYyAkKiSdWQRNt19o6J
         l+d93yb7UOm6qrePIkwQvkqZLfwO9ytMrd83IZzrJP5CcdK+1QJn+dYHPfgr6F6EJM7w
         dnsNsViHPSjNUwXrARWeayzfsiiTnpwmFIGo897YWT1c1NpGctbvl/g4RsS4MI4ef7bO
         GezQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVZLlswzFJ1Phx8wZIj96VBW5VaVDmhwL0pxi0xAAxJJUD56anSOCIcCTDBLJpjQr+n6OrnHHTKRJX8fXAL@postgresql.org
X-Gm-Message-State: AOJu0YwTptPoLE1VOig6ht7eFvGygvLXNzqCwExegAJnmLDHTNWqRQ95
	n6l2LlIRUEfy/vbZoZYPz6ML+/N3LUDlwN4SODAUxDR5yN7R/E4bJtdmTj/GRdB7u+VKz/uSgIz
	o7YaNnlBT/E8Bk3rio7RP2gEeFA+KLUM+AydhB08IynbVn1n1zqPCPHla6Fq73ifq3vWGyPx9Q2
	5i5q2Vcwx1vKJ+MmgFRD7F4zS3+187XkU9hq04ItBjSjpF2Ov+bStNOzidqbBo6lzynAU0oacbw
	MwZRgXExFRfTlyHDedCuYHMBsnmVDPY/CYDssDUTmTRNKYlbRQ=
X-Gm-Gg: ASbGncsZomlm1MQ5pouzCgjFnR/wCysIz2djUevUOe6Dn0OnRe5iwYz+ciG+LTMXZdM
	C+woVU/OWqSnfi/lLE3Tn2p9N/kkIxwnJ9auwDyvaZUN3DZNj69UNepQ+0DSyLzJLgzdlm5sKB1
	XV2di7tv1OfuW+qx3nvaUvFd4j8kyFb2TTwtUkhHhOqzuO5+Hz76CmXuqxtbL3I/fhtQ/lswoZA
	aP9oQ==
X-Google-Smtp-Source: 
 AGHT+IE7XjE5CboRiyX4R1DEwklqpO08uxOUhWhxO0nX9ikL4Wv5b9OfWLAnjkqZigBUoaFEI8uPF2B9vk2rhUDWBqg=
X-Received: by 2002:a17:907:97cc:b0:ae3:6bd5:ebe7 with SMTP id
 a640c23a62f3a-af2f9073cecmr390256566b.54.1753290774290; Wed, 23 Jul 2025
 10:12:54 -0700 (PDT)
MIME-Version: 1.0
References: 
 <CAGECzQQzDqDzakBkR71ZkQ1N1ffTjAaruRSqppQAKu3WF+6rNQ@mail.gmail.com>
 <dbd3cc5a5edde04941c8624dde7e4bd2a063f366.camel@j-davis.com>
 <CAGECzQTe3y6xwP9aMbFBCxKnQEEn3G3=cEDqoD5xaOwPwypd_A@mail.gmail.com>
 <CAGECzQTAgtTp3G=Em3xEY=T=uiKfyu5xLYri9By=sfNBS5C_9A@mail.gmail.com>
 <CAKFQuwaT4_n=e0YKBZAyox1CQUra2ka0cySs+3pGZR5p50pn-g@mail.gmail.com>
 <CAGECzQTOJrnnJkmMe9nems0jouiKUbFcEb1rb9kE_svsAZiGQg@mail.gmail.com>
 <585e996c-a5c6-4e61-acc4-d92b7a1458ea@vondra.me>
 <CAGECzQS02M6YPDXemo36tShO-ZYObjqnyTJyVttua1PGyN4xRw@mail.gmail.com>
In-Reply-To: 
 <CAGECzQS02M6YPDXemo36tShO-ZYObjqnyTJyVttua1PGyN4xRw@mail.gmail.com>
From: Artem Gavrilov <artem.gavrilov@percona.com>
Date: Wed, 23 Jul 2025 19:12:42 +0200
X-Gm-Features: Ac12FXwr-yJxWzrCUla7lYK8NyRn14Yjk37ApwyIbp4HtDidHlAEqkowqDlwDTY
Message-ID: 
 <CAFPkQKzALOTTBrhj2qDHwVxZQyjF5Xg_P9M=Tn_Dcm3vr=xdTA@mail.gmail.com>
Subject: Re: Extension security improvement: Add support for extensions with
 an owned schema
To: Jelte Fennema-Nio <me@jeltef.nl>
Cc: Tomas Vondra <tomas@vondra.me>,
 "David G. Johnston" <david.g.johnston@gmail.com>,
	Jeff Davis <pgsql@j-davis.com>,
 PostgreSQL-development <pgsql-hackers@postgresql.org>
Content-Type: multipart/alternative; boundary="000000000000ca4687063a9bd178"
X-CLOUD-SEC-AV-Sent: true
X-CLOUD-SEC-AV-Info: percona,google_mail,monitor
X-Gm-Spam: 0
X-Gm-Phishy: 0
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAFPkQKzALOTTBrhj2qDHwVxZQyjF5Xg_P9M%3DTn_Dcm3vr%3DxdTA%40mail.gmail.com>
Precedence: bulk

--000000000000ca4687063a9bd178
Content-Type: text/plain; charset="UTF-8"

Hello Jelte,

I reviewed your patch. Overall it looks good, I didn't find any problems
with code. Documentation is in place and clear.

Initial Run
===========
The patch applies cleanly to HEAD (196063d6761). All tests successfully
pass.

Comments
===========
1) I noticed that pg_dump changes weren't covered with tests.

2) I assume these error messages may be confusing, especially first one:

> -- Fails for an already existing schema to be provided
> CREATE EXTENSION test_ext_owned_schema SCHEMA test_ext_owned_schema;
> ERROR:  schema "test_ext_owned_schema" already exists
> -- Fails because a different schema is set in control file
> CREATE EXTENSION test_ext_owned_schema SCHEMA test_schema;
> ERROR:  extension "test_ext_owned_schema" must be installed in schema
> "test_ext_owned_schema"


In both cases it's not clear that the extension requires schema ownership.
Can hint messages be added there?

-- 

Artem Gavrilov

Senior Software Engineer, Percona

artem.gavrilov@percona.com
percona.com <http://www.percona.com>

--000000000000ca4687063a9bd178
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div>He=
llo Jelte,</div><div><br></div><div>I reviewed your patch. Overall it looks=
 good, I didn&#39;t find any problems with code. Documentation is in place =
and clear.</div><div><br></div><div>Initial Run<br>=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D</div><div>The patch applies cleanly to HEAD (196063d6761). All te=
sts=C2=A0successfully pass.</div><div><br></div><div>Comments</div><div>=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</div><div>1)=C2=A0I noticed that pg_dump cha=
nges weren&#39;t covered with tests.</div><div><br></div><div>2) I assume t=
hese error messages may be confusing, especially first one:=C2=A0</div><blo=
ckquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left=
:1px solid rgb(204,204,204);padding-left:1ex">-- Fails for an already exist=
ing schema to be provided<br>CREATE EXTENSION test_ext_owned_schema SCHEMA =
test_ext_owned_schema;<br>ERROR: =C2=A0schema &quot;test_ext_owned_schema&q=
uot; already exists<br>-- Fails because a different schema is set in contro=
l file<br>CREATE EXTENSION test_ext_owned_schema SCHEMA test_schema;<br>ERR=
OR: =C2=A0extension &quot;test_ext_owned_schema&quot; must be installed in =
schema &quot;test_ext_owned_schema&quot;</blockquote><div><br></div><div><d=
iv>In both cases it&#39;s not clear that the extension requires schema owne=
rship. Can hint messages be added there?</div><div><br></div></div></div><s=
pan class=3D"gmail_signature_prefix">-- </span><br><div dir=3D"ltr" class=
=3D"gmail_signature" data-smartmail=3D"gmail_signature"><div dir=3D"ltr"><p=
 style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">Artem Gavrilov=
</p><p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0=
pt"><span style=3D"font-size:10pt;font-family:Poppins,sans-serif;color:#000=
000;background-color:transparent;font-weight:400;font-style:normal;font-var=
iant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;wh=
ite-space:pre-wrap">Senior Software Engineer, Percona</span></p><br><p dir=
=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span =
style=3D"font-size:10pt;font-family:Poppins,sans-serif;color:#000000;backgr=
ound-color:transparent;font-weight:400;font-style:normal;font-variant:norma=
l;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:=
pre-wrap"><a href=3D"mailto:artem.gavrilov@percona.com" target=3D"_blank">a=
rtem.gavrilov@percona.com</a></span></p><a href=3D"http://www.percona.com" =
style=3D"text-decoration:none" target=3D"_blank"><span style=3D"font-size:9=
pt;font-family:Poppins,sans-serif;color:#1155cc;background-color:transparen=
t;font-weight:400;font-style:normal;font-variant:normal;text-decoration:und=
erline;vertical-align:baseline;white-space:pre;white-space:pre-wrap">percon=
a.com</span><span style=3D"font-size:10pt;font-family:Poppins,sans-serif;co=
lor:#000000;background-color:transparent;font-weight:400;font-style:normal;=
font-variant:normal;text-decoration:none;vertical-align:baseline;white-spac=
e:pre;white-space:pre-wrap">
</span></a></div></div></div>
</div>
</div>

--000000000000ca4687063a9bd178--