From: | Jignesh Shah <jignesh(dot)shah1980(at)gmail(dot)com> |
---|---|
To: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
Cc: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Questions regarding SET option. |
Date: | 2010-02-22 18:39:17 |
Message-ID: | c11950271002221039n4f680f43ye400d6db520278c7@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
>> set work_mem to '1MB'
>> set search_path = 'public';
Thanks for the example Pavel. I understood it. Are there any other SET
options except above that I need to set to prevent security breach?
Thanks,
Jack
On Mon, Feb 22, 2010 at 11:41 PM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>wrote:
> 2010/2/22 Jignesh Shah <jignesh(dot)shah1980(at)gmail(dot)com>:
> > Thanks a ton Laurenz and Pavel for your responses but I really didn't
> follow
> > you. I am not master in PostGreSQL yet. Could you please give me some
> > example?
> >
> > Basically, I want to know how many such SET options I should reset before
> > executing my function and at the end it should also be restored to
> original
> > settings.
> >
>
> create or replace function foop()
> returns int as $$
> select 10
> $$ language sql
> set work_mem to '1MB'
> set search_path = 'public';
> CREATE FUNCTION
> postgres=#
>
> regards
> Pavel Stehule
>
> > It would be really helpful if you could elaborate your response.
> >
> > Thanks guys.
> > Jack
> >
> > On Mon, Feb 22, 2010 at 8:05 PM, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>
> > wrote:
> >>
> >> Jignesh Shah wrote:
> >> > I have been writing a function with SECURITY DEFINER enabled.
> >> > Basically, I am looking for ways to override the users SET
> >> > option settings while executing my function to prevent the
> >> > permissions breach. For example, to override "SET
> >> > search_path", I am setting search path in my function before
> >> > executing anything. Could any one please tell me what could
> >> > be other SET options that I should take care?
> >> >
> >> > Moreover, how to revert back those settings just before
> >> > returning from my function?
> >>
> >> You can use the SET clause of CREATE FUNCTION which does exactly
> >> what you want.
> >>
> >> Yours,
> >> Laurenz Albe
> >
> >
>
From | Date | Subject | |
---|---|---|---|
Next Message | Pavel Stehule | 2010-02-22 18:42:32 | Re: Questions regarding SET option. |
Previous Message | Yang Zhang | 2010-02-22 18:36:48 | Re: Sorting performance vs. MySQL |