On Fri, Jul 13, 2018 at 1:54 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
> So this is all pretty messy, but on the bright side, fixing it would allow
> cleaning up some ancient squishy coding in ruleutils.c. It wouldn't be
> controversial as just a v12 addition, perhaps ... but do we have a choice
> about back-patching? Dump/restore failures are not good.

I think serious consideration needs to be given to ways to allow the user of pg_dump/pg_restore to choose the prior, less secure, mode of operation. IMO the risk surface presented to support back-patching the behavioral changes was not severe enough to do so in the first place. I'm presuming undoing the back-patch will be shot down without mercy but at least consider an escape hatch for unafflicted secure systems that just happen to depend on search_path more than a super-hardened system would.

David J.