public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jelte Fennema-Nio <[email protected]>
To: Robert Haas <[email protected]>
Cc: Julien Rouhaud <[email protected]>
Cc: Artem Gavrilov <[email protected]>
Cc: Tomas Vondra <[email protected]>
Cc: David G. Johnston <[email protected]>
Cc: Jeff Davis <[email protected]>
Cc: PostgreSQL-development <[email protected]>
Subject: Re: Extension security improvement: Add support for extensions with an owned schema
Date: Thu, 11 Sep 2025 15:29:27 +0200
Message-ID: <CAGECzQT8Rjo73xJfS-KSouoj09oUSOM6UWhvy0JXXO8+U0qwwQ@mail.gmail.com> (raw)
In-Reply-To: <CA+TgmoY0zKz-mkXjkRUd-vNT4sp+=j5aJKd6er9WgOH9Q0Qriw@mail.gmail.com>
References: <[email protected]>
<CAGECzQS02M6YPDXemo36tShO-ZYObjqnyTJyVttua1PGyN4xRw@mail.gmail.com>
<CAFPkQKzALOTTBrhj2qDHwVxZQyjF5Xg_P9M=Tn_Dcm3vr=xdTA@mail.gmail.com>
<[email protected]>
<CA+TgmoY=NO7_L=UDuoUWj-icABF-7EP=UNUXCFBYpDNFoUZmbA@mail.gmail.com>
<CA+TgmoYDdYA1paUKtfHfx-iDdCKrL05m2OwPHz7SQ03t49f2oQ@mail.gmail.com>
<CAOBaU_YTJwo=jevDDKXRjwFUqON2VoWqz=Aw0FedyxbfYSiisw@mail.gmail.com>
<CAGECzQS9JqWv+zJR-e-1JMH7GhCnLc4vD9H-uEui8E5Ba9Trpw@mail.gmail.com>
<aLaysb-v12hPW22V@jrouhaud>
<CA+TgmoawwAoRZH2Hm8w-RP1QOebK9LQ=NzeJWWAz+pYhSQPT0g@mail.gmail.com>
<aLt9f7u_jUnMgGOe@jrouhaud>
<CAGECzQR8gnJ92R2joimAfg6VX_VZO2Dy2n2gG-Ozr3zQ7evmSA@mail.gmail.com>
<CA+TgmoY0zKz-mkXjkRUd-vNT4sp+=j5aJKd6er9WgOH9Q0Qriw@mail.gmail.com>
On Thu, 11 Sept 2025 at 15:02, Robert Haas <[email protected]> wrote:
> What the patch does (IIRC) is make it so that dropping the extension
> just cascade-drops the schema.
You recall incorrectly ;) It only does that when you do:
DROP EXTENSION ... CASCADE
Otherwise you get errors like this:
DROP EXTENSION test_ext_owned_schema;
ERROR: cannot drop extension test_ext_owned_schema because other
objects depend on it
DETAIL: function test_owned_schema_defaults.new_owned() depends on
schema test_owned_schema_defaults
> but somebody
> could equally well just install an unrelated extension in the same
> schema and then drop the first extension and, whoops.
To be clear, that could only happen when that unrelated extension does
not have owned_schema=true. Because creating such an extension
requires the schema to not exist yet. (And even then as explained
above the accidental drop only happens when the user uses CASCADE.)
view thread (27+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Extension security improvement: Add support for extensions with an owned schema
In-Reply-To: <CAGECzQT8Rjo73xJfS-KSouoj09oUSOM6UWhvy0JXXO8+U0qwwQ@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox