Re: Per-function search_path => per-function GUC settings - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Per-function search_path => per-function GUC settings
Date
Msg-id 22560.1188669306@sss.pgh.pa.us
Whole thread Raw
In response to Re: Per-function search_path => per-function GUC settings  ("Brendan Jurd" <direvus@gmail.com>)
Responses Re: Per-function search_path => per-function GUC settings
List pgsql-hackers
"Brendan Jurd" <direvus@gmail.com> writes:
> CREATE FUNCTION foo(int) RETURNS int AS $$
> ...
> $$
>  LANGUAGE plpgsql
>  STABLE
>  STRICT
>  SECURITY DEFINER
>  RESET search_path
>  SET regex_flavor = 'cinnamon';

> That doesn't seem especially horrible.  In what way do you feel it is
> inconsistent with existing syntax?

Hmm ... I hadn't thought of including SET in the syntax, so I was
running into problems with distingushing GUC variable names from the
keywords that are already in the syntax.  That way would work from a
grammar point of view.  It still seems a bit inconsistent to me, but
we could live with it.  Comments anyone?

> And ... although I'll admit this is a paranoid thing to mention, if
> you have to fix the search_path setting *after* creating a function as
> SECURITY DEFINER, then there is necessarily a short period of time
> where the function exists and is insecure.

You already have that issue with respect to the default public execute
permissions on the function.  The standard solution is to do it in a
transaction block --- then no one can even see the function until you
commit.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Gregory Stark
Date:
Subject: Re: Per-function search_path => per-function GUC settings
Next
From: Tom Lane
Date:
Subject: Re: Per-function search_path => per-function GUC settings