Home > mailing lists

Re: Fixing insecure security definer functions - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: Fixing insecure security definer functions
Date	March 29, 2007 18:11:02
Msg-id	20070329181050.GZ31937@tamriel.snowman.net Whole thread Raw
In response to	Re: Fixing insecure security definer functions ("Merlin Moncure" <mmoncure@gmail.com>)
Responses	Re: Fixing insecure security definer functions ("Merlin Moncure" <mmoncure@gmail.com>) Re: Fixing insecure security definer functions (Tom Lane <tgl@sss.pgh.pa.us>) Re: Fixing insecure security definer functions (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

* Merlin Moncure (mmoncure@gmail.com) wrote:
> fwiw, I think this is a great solution...because the default behavior
> is preserved you get through without any extra guc settings (although
> you may want to add one anyways).

I agree that the proposed solution looks good.

> maybe security definer functions should raise a warning for implicit
> PATH NONE, and possibly even deprecate that behavior and force people
> to type it out in future (8.4+) releases.

While I agree that raising a warning makes sense I don't believe it
should be forced.  There may be cases where, even in security definer
functions, the current search_path should be used (though, of course,
care must be taken in writing such functions).
Thanks,
    Stephen

pgsql-hackers by date:

From: "Merlin Moncure"
Date: 29 March 2007, 18:03:01
Subject: Re: Fixing insecure security definer functions

From: Bruce Momjian
Date: 29 March 2007, 18:13:10
Subject: Re: tsearch_core patch for inclusion

Re: Fixing insecure security definer functions - Mailing list pgsql-hackers

Previous

Next