Postgres Pro
Downloads
Home   >   mailing lists

Re: Delete cascade trigger runs security definer - Mailing list pgsql-general

From Tom Lane
Subject Re: Delete cascade trigger runs security definer
Date
Msg-id 15503.1226686776@sss.pgh.pa.us
Whole thread Raw
In response to Re: Delete cascade trigger runs security definer  (Craig Ringer <craig@postnewspapers.com.au>)
List pgsql-general
Tree view 
Craig Ringer <craig@postnewspapers.com.au> writes:
> Is the search_path reset in some way that's not visible in
> pg_catalog.pg_settings when the ON DELETE CASCADE is issued?

No, I don't believe so.  Perhaps your test case was simply fooled by
plan caching within the trigger function?

In general the solution to this type of problem is to attach a
search_path setting to any function that might be invoked via untrusted
users.

            regards, tom lane

pgsql-general by date:

Previous
From: Craig Ringer
Date:
Subject: Re: Delete cascade trigger runs security definer
Next
From: Dean Rasheed
Date:
Subject: Re: Delete cascade trigger runs security definer