"David G. Johnston" <david.g.johns...@gmail.com> writes:
> I'll admit these have been infrequent since resolving CVE 2018-1058, but I
> still disagree with the decision to not give the DBA an option on whether
> to leave public in their search_path during a pg_dump and pg_restore.
Yeah, I was never for that decision either. Anybody who's sufficiently
hot about it could try submitting a patch and see what happens.
I'm not quite sure how the option should work, but maybe call it
--use-unsafe-path and define it as adopting the same search_path
setting seen at dump time? Or maybe better to provide a restore-time
option saying "use this search_path"? It needs some thought, not
just quick-n-dirty code.
regards, tom lane
