Creator of a range type must have permission to call support functions.
Since range types can be created by non-superusers, we need to consider
their permissions. Ideally we'd check this when the type is used, not
when it's created, but that seems like much more trouble than it's worth.
The existing restriction that the support functions be immutable already
prevents most cases where an unauthorized call to a function might be
thought a security issue, and the fact that the user has no access to
the results of the system's calls to subtype_diff closes off the other
plausible reason for concern. So this check is basically pro-forma,
but let's make it anyway.
src/backend/commands/typecmds.c | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
pgsql-committers by date
|Next:||From: Tom Lane||Date: 2011-11-23 22:13:16|
|Subject: pgsql: Adjust range_adjacent to support different canonicalizationrule|
|Previous:||From: Tom Lane||Date: 2011-11-23 05:03:38|
|Subject: pgsql: Remove user-selectable ANALYZE option for range types.|