On Wed, Jul 06, 2022 at 03:47:27PM -0700, Nathan Bossart wrote: > I think the call to superuser_arg() in pg_parameter_aclmask() is causing > set_config_option() to bypass the normal privilege checks, as > execute_extension_script() will have set the user ID to the bootstrap > superuser for trusted extensions like plperl. I don't have a patch or a > proposal at the moment, but I thought it was worth starting the discussion.
Looks like a bug to me, so I have added an open item assigned to Tom. -- Michael
signature.asc
Description: PGP signature
