Hi, On 2020-01-29 14:41:16 -0500, Tom Lane wrote: > pgcrypto
FWIW, given the code quality, I'm doubtful about putting itq into the trusted section. Have you audited how safe the create/upgrade scripts are against being used to elevate privileges? Especially with FROM UNPACKAGED it seems like it'd be fairly easy to get an extension script to do dangerous things (as superuser). One could just create pre-existing objects that have *not* been created by a previous version, and some upgrade scripts would do pretty weird stuff. There's several that do things like updating catalogs directly etc. It seems to me that FROM UNPACKAGED shouldn't support trusted. Regards, Andres Freund
