| From: | Jignesh Shah <jignesh(dot)shah1980(at)gmail(dot)com> |
|---|---|
| To: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pavel(dot)stehule(at)gmail(dot)com |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Questions regarding SET option. |
| Date: | 2010-02-22 17:52:42 |
| Message-ID: | c11950271002220952g72b15039td5c8fdfe121c8ed3@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Thanks a ton Laurenz and Pavel for your responses but I really didn't follow
you. I am not master in PostGreSQL yet. Could you please give me some
example?
Basically, I want to know how many such SET options I should reset before
executing my function and at the end it should also be restored to original
settings.
It would be really helpful if you could elaborate your response.
Thanks guys.
Jack
On Mon, Feb 22, 2010 at 8:05 PM, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>wrote:
> Jignesh Shah wrote:
> > I have been writing a function with SECURITY DEFINER enabled.
> > Basically, I am looking for ways to override the users SET
> > option settings while executing my function to prevent the
> > permissions breach. For example, to override "SET
> > search_path", I am setting search path in my function before
> > executing anything. Could any one please tell me what could
> > be other SET options that I should take care?
> >
> > Moreover, how to revert back those settings just before
> > returning from my function?
>
> You can use the SET clause of CREATE FUNCTION which does exactly
> what you want.
>
> Yours,
> Laurenz Albe
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Bailey | 2010-02-22 18:07:56 | Re: What is unsecure postgres languages? How to disable them? |
| Previous Message | Yang Zhang | 2010-02-22 17:51:19 | Re: Performance cost of a sort-merge join |