Prevent extension creation in temporary schemas

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Prevent extension creation in temporary schemas

Michael Paquier-2
Hi all,

While looking at another bug I have noticed that it is possible to
create an extension directly using a temporary schema, which is
crazy.  A simple example:
=# create extension pg_prewarm with schema pg_temp_3;
CREATE EXTENSION
=# \dx pg_prewarm
           List of installed extensions
    Name    | Version |  Schema   |      Description
------------+---------+-----------+-----------------------
 pg_prewarm | 1.2     | pg_temp_3 | prewarm relation data
(1 row)

When also creating some extensions, like pageinspect, then the error
message gets a bit crazier, complaining about things not existing.
This combination makes no actual sense, so wouldn't it be better to
restrict the case?  When trying to use ALTER EXTENSION SET SCHEMA we
already have a similar error:
=# alter extension pageinspect set schema pg_temp_3;
ERROR:  0A000: cannot move objects into or out of temporary schemas
LOCATION:  CheckSetNamespace, namespace.c:2954

Attached is an idea of patch, the test case is a bit bulky to remain
portable though.

Thoughts?
--
Michael

extension-temp-schema.patch (3K) Download Attachment
signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Prevent extension creation in temporary schemas

Robert Haas
On Sun, Jan 6, 2019 at 10:26 PM Michael Paquier <[hidden email]> wrote:
> This combination makes no actual sense, so wouldn't it be better to
> restrict the case?

Hmm.  What exactly doesn't make sense about it?

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Reply | Threaded
Open this post in threaded view
|

Re: Prevent extension creation in temporary schemas

Michael Paquier-2
On Fri, Jan 11, 2019 at 02:22:01PM -0500, Robert Haas wrote:
> On Sun, Jan 6, 2019 at 10:26 PM Michael Paquier <[hidden email]> wrote:
>> This combination makes no actual sense, so wouldn't it be better to
>> restrict the case?
>
> Hmm.  What exactly doesn't make sense about it?

In my mind, extensions are designed to be database-wide objects which
are visible to all sessions.  Perhaps I am just confused by what I
think they should be, and I can see no trace on the archives about
concept of extensions + temp schema as base (adding Dimitri in CC if
he has an idea).  I can see as well that there have been stuff about
using temporary objects in extension script though ("Fix bugs with
temporary or transient tables used in extension scripts" in release
notes of 9.1).

For most of extensions, this can randomly finish with strange error
messages, say that:
=# create extension file_fdw with schema pg_temp_3;
ERROR:  42883: function file_fdw_handler() does not exist
LOCATION:  LookupFuncName, parse_func.c:2088

There are cases where the extension can be created:
=# create extension pgcrypto with schema pg_temp_3;
CREATE EXTENSION
Time: 36.567 ms
=# \dx pgcrypto
  List of installed extensions
   Name   | Version |  Schema   |       Description
----------+---------+-----------+-------------------------
 pgcrypto | 1.3     | pg_temp_3 | cryptographic functions
(1 row)

Then the extension is showing up as beginning to be present for other
users.  I am mainly wondering if this case has actually been thought
about in the past or discussed, and what to do about that and if we
need to do something.  Temporary extensions can exist as long as the
extension script does not include for example REVOKE queries on the
functions it creates (which should actually work?), and there is a
separate thread about restraining 2PC when touching the temporary
namespace for the creation of many objects, and extensions are one
case discussed.  Still the concept looks a bit wider, so I spawned a
separate thread.
--
Michael

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Prevent extension creation in temporary schemas

Michael Paquier-2
On Sat, Jan 12, 2019 at 08:34:37AM +0900, Michael Paquier wrote:
> Then the extension is showing up as beginning to be present for other
> users.  I am mainly wondering if this case has actually been thought
> about in the past or discussed, and what to do about that and if we
> need to do something.

The point here is about the visibility in \dx.
--
Michael

signature.asc (849 bytes) Download Attachment