On Thu, Jul 07, 2022 at 12:41:00PM -0400, Tom Lane wrote: > Yeah. So the fix here seems pretty obvious: rather than applying the > permissions check using bare GetUserId(), we need to remember the role > OID that originally applied the setting, and use that.
Please ignore my previous message. This makes sense. > The problem with this sketch is that > > (1) we need an OID field in struct config_generic, as well as GucStack, > which means an ABI break for any extensions that look directly at GUC > records. There probably aren't many, but ... > > (2) we need an additional parameter to set_config_option, which > again is a compatibility break for anything calling that directly. > There surely are such callers --- our own extensions do it. > > Can we get away with doing these things in beta3? We could avoid > breaking (2) in the v15 branch by making set_config_option into > a wrapper around set_config_option_ext, or something like that; > but the problem with struct config_generic seems inescapable. > (Putting the new field at the end would solve nothing, since > config_generic is embedded into larger structs.) > > The alternative to API/ABI breaks seems to be to revert the > feature, which would be sad. I personally lean more towards the compatibility break than reverting the feature. There are still a couple of months before 15.0, and I suspect it won't be too difficult to fix any extensions that break because of this. -- Nathan Bossart Amazon Web Services: https://aws.amazon.com
