You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, guys!
I think most of you have experience designing extensions. I would appreciate advice about a specific issue.
Imagine you have designed an extension and know that one of the features provided by your extension conflicts with another popular shared library, which can highly likely be installed in the instance, too.
What do you think is the safest approach to disabling your GUC when there is a conflicting library in the system? And don't allow users to enable it even when they deliberately execute the SET command to enable it.
My first intention was to employ an assign_hook routine and check the list of loaded libraries at the time of assignment. But would it be safe if both extensions loaded on startup? Is it secure enough?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Postgres Extension Developers Coalition
-
Hi, guys!
I think most of you have experience designing extensions. I would appreciate advice about a specific issue.
Imagine you have designed an extension and know that one of the features provided by your extension conflicts with another popular shared library, which can highly likely be installed in the instance, too.
What do you think is the safest approach to disabling your GUC when there is a conflicting library in the system? And don't allow users to enable it even when they deliberately execute the SET command to enable it.
My first intention was to employ an assign_hook routine and check the list of loaded libraries at the time of assignment. But would it be safe if both extensions loaded on startup? Is it secure enough?
Beta Was this translation helpful? Give feedback.
All reactions