On Wed, Apr 18, 2012 at 7:54 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > However, ignoring that issue for the moment, this patch is making me > uncomfortable. I have a vague recollection that we deliberately omitted > ALTER EXTENSION OWNER because of security or definitional worries. > (Dimitri, does that ring any bells?) I wonder whether we should insist > that the new owner be a superuser, as the original owner must have been.
Don't we have non-superuser extensions, that can be installed with just DBA privileges? Anyhow, it seems a bit nannyish, unless I'm missing something. If the current owner is a superuser and s/he wants to give the object to a non-superuser, you can't really stop them. They can just make the target user a superuser, give 'em the object, and make them not a superuser, all in one transaction no less. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
