Re: Fixing insecure security definer functions

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Merlin Moncure <mmoncure(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Subject: Re: Fixing insecure security definer functions
Date: 2007-04-19 21:53:43
Message-ID: 200704192353.44329.peter_e@gmx.net
Lists: pgsql-hackers

Stephen Frost wrote:
> While I agree that raising a warning makes sense I don't believe it
> should be forced.  There may be cases where, even in security definer
> functions, the current search_path should be used (though, of course,
> care must be taken in writing such functions).

I really wonder whether such a use case exists. What would it be?

--
Peter Eisentraut
http://developer.postgresql.org/~petere/
