| From: | Zdenek Kotala <Zdenek(dot)Kotala(at)Sun(dot)COM> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Per-function search_path => per-function GUC settings |
| Date: | 2007-09-11 14:57:01 |
| Message-ID: | 46E6ACBD.4030707@sun.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Zdenek Kotala <Zdenek(dot)Kotala(at)Sun(dot)COM> writes:
>> I have a question about what does happen if search path is not defined
>> for SECURITY DEFINER function. My expectation is that SECURITY DEFINER
>> function should defined empty search patch in this case.
>
> Your expectation is incorrect. We are not in the business of breaking
> every application in sight, which is what that would do.
Oh. I see. In this point of view I suggest to add some warning about
potential security issue if SECURITY DEFINER function will create
without preset search_path. I'm aware that a lot of developer forget to
modify their application.
Zdenek
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zdenek Kotala | 2007-09-11 15:13:15 | Re: pgcrypto related backend crash on solaris 10/x86_64 |
| Previous Message | Tom Lane | 2007-09-11 14:49:41 | Re: What is happening on buildfarm member dugong |