On Fri, 2025-03-07 at 09:17 -0500, Robert Haas wrote: > On Fri, Mar 7, 2025 at 9:02 AM Jelte Fennema-Nio <postg...@jeltef.nl> wrote: > > The reason why I walked back my comment was that cloud providers can > > simply choose which extensions they actually add to the image. If an > > extension is marked as not trusted by the author, then with this role > > they can still choose to add it without having to make changes to the > > control file if they think it's "secure enough". > > Hmm. It would be easy to do dumb things here, but I agree there are > probably a bunch of debatable cases. Maybe it would be smart if we > labelled our untrusted extensions somehow with why they're untrusted, > or documented that. > > Why wouldn't the cloud provider just change add 'trusted = true' to > the relevant control files instead of doing this?
That's quite true. Perhaps the patch should be rejected after all. Yours, Laurenz Albe
