Re: Documentation fix for CREATE FUNCTION

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>
Cc: "'pgsql-hackers(at)postgresql(dot)org'" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Documentation fix for CREATE FUNCTION
Date: 2016-07-13 14:57:07
Message-ID: 14484.1468421827@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
> I just noticed that the documentation for CREATE FUNCTION still mentions
> that the temporary namespace is searched for functions even though that
> has been removed with commit aa27977.

The example you propose to correct was introduced by that same commit,
which should make you think twice about whether it really was invalidated
by that commit.

I believe the reason for forcing pg_temp to the back of the path is to
prevent unqualified table names from being captured by pg_temp entries.
This risk exists despite the rule against searching pg_temp for functions
or operators. A maliciously named temp table could at least prevent
a security definer function from doing what it was supposed to, and
could probably hijack control entirely via triggers or rules.

Possibly the documentation should be more explicit about why this is
being done, but the example code is good as-is.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Kevin Grittner 2016-07-13 15:06:52 Re: Re: [COMMITTERS] pgsql: Avoid extra locks in GetSnapshotData if old_snapshot_threshold <
Previous Message Tomas Vondra 2016-07-13 14:53:40 rethinking dense_alloc (HashJoin) as a memory context