| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bryn Llewellyn <bryn(at)yugabyte(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, Christophe Pettus <xof(at)thebuild(dot)com>, pgsql-general list <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Seems to be impossible to set a NULL search_path |
| Date: | 2022-07-05 19:13:00 |
| Message-ID: | 1997258.1657048380@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Bryn Llewellyn <bryn(at)yugabyte(dot)com> writes:
> Thanks, all, for your replies. I'd assumed that the arguments of "set search_path" had to be SQL names. so I tried "". But that caused an error. I didn't try the ordinary empty string because I'd assumed that, as an illegal SQL name, it would be illegal in "set search_path". Hmm...
search_path's value is not a SQL name. It's a list of SQL names
wrapped in a string ... and the list can be empty.
A bit off topic: I'm not sure how you came to the conclusion that
superusers can't write into pg_catalog. They can. But I don't see
much point in being paranoid about whether the contents of pg_catalog
are trustworthy. If an adversary has already obtained superuser
privileges, he needn't bother with anything as complicated as
trojan-horsing something you might call later.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-07-05 19:17:38 | Re: [UNVERIFIED SENDER] Re: pg_upgrade can result in early wraparound on databases with high transaction load |
| Previous Message | Bryn Llewellyn | 2022-07-05 19:05:01 | Re: Seems to be impossible to set a NULL search_path |