| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Nico Williams <nico(at)cryptonector(dot)com> |
| Cc: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: proposal: schema variables |
| Date: | 2017-11-02 17:21:54 |
| Message-ID: | CA+TgmoYXZMFp9KuVbkOYeTcSb1wqJifFKSnaamBbzfs3sRvi1Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Nov 2, 2017 at 9:05 PM, Nico Williams <nico(at)cryptonector(dot)com> wrote:
>> Overloading SET to handle both variables and GUCs seems likely to
>> create problems, possibly including security problems. For example,
>> maybe a security-definer function could leave behind variables to
>> trick the calling code into failing to set GUCs that it intended to
>> set. Or maybe creating a variable at the wrong time will just break
>> things randomly.
>
> That's already true of GUCs, since there are no access controls on
> set_config()/current_setting().
No, it isn't. Right now, SET always refers to a GUC, never a
variable, so there's no possibility of getting confused about whether
it's intending to change a GUC or an eponymous variable. Once you
make SET able to change either one of two different kinds of objects,
then that possibility does exist.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-11-02 17:28:27 | Re: [HACKERS] pgsql: Fix freezing of a dead HOT-updated tuple |
| Previous Message | Robert Haas | 2017-11-02 17:16:08 | Re: [HACKERS] pgsql: Fix freezing of a dead HOT-updated tuple |