| From: | "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | "Jignesh Shah *EXTERN*" <jignesh(dot)shah1980(at)gmail(dot)com>, "pgsql-general" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Questions regarding SET option. |
| Date: | 2010-02-22 14:35:42 |
| Message-ID: | D960CB61B694CF459DCFB4B0128514C20393818C@exadv11.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jignesh Shah wrote:
> I have been writing a function with SECURITY DEFINER enabled.
> Basically, I am looking for ways to override the users SET
> option settings while executing my function to prevent the
> permissions breach. For example, to override "SET
> search_path", I am setting search path in my function before
> executing anything. Could any one please tell me what could
> be other SET options that I should take care?
>
> Moreover, how to revert back those settings just before
> returning from my function?
You can use the SET clause of CREATE FUNCTION which does exactly
what you want.
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Albe Laurenz | 2010-02-22 14:44:08 | Re: What is unsecure postgres languages? How to disable them? |
| Previous Message | Boszormenyi Zoltan | 2010-02-22 13:46:50 | Re: ECPG: No multidimensional array support for simple data types |