Hi!
> 22 марта 2019 г., в 19:17, Petr Jelinek <petr.jelinek@2ndquadrant.com> написал(а):
>
> I still don't like that we are running the subscription workers as
> superuser even for subscriptions created by regular user. That has
> plenty of privilege escalation issues in terms of how user functions are
> run (we execute triggers, index expressions etc, in that worker).
Yes, this is important concern, thanks! I think it is not a big deal to run worker without superuser privileges too.
> Regardless of my complain above, patch with this big security
> implications that has arrived in middle of last CF should not be merged
> in that last CF IMHO.
Yes, this patch is a pure security implication and nothing else.
This thread was started in November with around twenty messages before this CF. Our wiki states that "in our community
--if no one objects, then there is implicit approval. Within reason!"
I do not really think argument "last version of the patch arrived at last CF" applies here. But I understand that it is
noteasy to setup consensus on the problem at hand.
Independently from the willingness of any committer to work on this at current CF, the topic of subscription security
relaxationreally worth efforts.
Best regards, Andrey Borodin.