Huh, interesting. So your Postgres can basically run arbitrary code on behalf of the user? I'm talking about stuff like https://tada.github.io/pljava/ where you can use the DB to invoke whatever code you like, outside of any sandbox. Like, could I upload a PL/Java function that probes your internal network? How are you making that secure?
That is true. And that is why we do not have the UI for loading extension binaries and do not give root access to the compute node. Yet. Of course, some containerization is in place, but it is not as tight as we would like for arbitrary code execution.
Still, there are no technical limitations. Our test suite already uses Neon-specific SQL functions from a C extension (https://github.com/neondatabase/postgres/tree/7faa67c3ca53fc...). At the very least, providing a lot of popular extensions out of the box is on our roadmap once we figure out the security, no special repacking needed. As compute nodes should already be pretty isolated from each other, I don't think allowing arbitrary code will require a redesign.