| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
| Cc: | "'pgsql-hackers(at)postgresql(dot)org'" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Documentation fix for CREATE FUNCTION |
| Date: | 2016-07-15 15:00:16 |
| Message-ID: | 5819.1468594816@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
> Tom Lane wrote:
>> I believe the reason for forcing pg_temp to the back of the path is to
>> prevent unqualified table names from being captured by pg_temp entries.
>> This risk exists despite the rule against searching pg_temp for functions
>> or operators. A maliciously named temp table could at least prevent
>> a security definer function from doing what it was supposed to, and
>> could probably hijack control entirely via triggers or rules.
>>
>> Possibly the documentation should be more explicit about why this is
>> being done, but the example code is good as-is.
> Maybe something like the attached would keep people like me from
> misunderstanding this.
I rewrote this a bit and pushed it. Thanks for the suggestion!
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2016-07-15 15:14:31 | Re: \timing interval |
| Previous Message | Tom Lane | 2016-07-15 13:55:11 | Re: sslmode=require fallback |