On 9/25/23 14:03, Jeff Davis wrote:
> On Mon, 2023-09-25 at 12:00 -0400, Joe Conway wrote:
>> Should there be a way to have a separate "execution" search_path?
>
> I hadn't considered that and I like that idea for a few reasons:
>
> * a lot of the problem cases are for functions that don't need to
> access tables at all, e.g., in an index expression.
> * it avoids annoyances with pg_temp, because that's not searched for
> functions/operators anyway
> * perhaps we could force the object search_path to be empty for
> IMMUTABLE functions?
>
> I haven't thought it through in detail, but it seems like a promising
> approach.

Related to this, it would be useful if you could grant create on schema
for only non-executable objects. You may want to allow a user to create
their own tables but not allow them to create their own functions, for
example. Right now "GRANT CREATE ON SCHEMA foo" gives the grantee the
ability to create "all the things".

--
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
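
Added example, not part of the original message or of PostgreSQL itself: until CREATE on a schema can be granted per object type, an event trigger is one way to approximate "tables yes, functions no". The schema `foo` comes from the message; the roles `app_user` and `foo_routine_admin` and the trigger name are hypothetical.

```sql
-- Constructed names: roles app_user and foo_routine_admin, trigger deny_routines_in_foo.
-- Run the setup as a superuser (creating event triggers requires it).
-- EXECUTE FUNCTION syntax assumes PostgreSQL 11 or later.
CREATE SCHEMA foo;
CREATE ROLE app_user;
CREATE ROLE foo_routine_admin;
GRANT USAGE, CREATE ON SCHEMA foo TO app_user;

-- Reject executable objects created in schema foo unless the current
-- role is a member of foo_routine_admin (superusers pass pg_has_role).
CREATE FUNCTION public.deny_routines_in_foo() RETURNS event_trigger
LANGUAGE plpgsql
SET search_path = pg_catalog, pg_temp
AS $$
DECLARE
    cmd record;
BEGIN
    FOR cmd IN SELECT * FROM pg_catalog.pg_event_trigger_ddl_commands() LOOP
        IF cmd.schema_name = 'foo'
           AND NOT pg_catalog.pg_has_role(current_user, 'foo_routine_admin', 'MEMBER')
        THEN
            -- Raising here aborts the statement, so the object is never committed.
            RAISE EXCEPTION '% is not allowed in schema foo for role %',
                cmd.command_tag, current_user
                USING ERRCODE = 'insufficient_privilege';
        END IF;
    END LOOP;
END;
$$;

-- Fire only for executable-object tags; CREATE TABLE and friends never reach the function.
CREATE EVENT TRIGGER deny_routines_in_foo ON ddl_command_end
    WHEN TAG IN ('CREATE FUNCTION', 'CREATE PROCEDURE',
                 'CREATE AGGREGATE', 'CREATE OPERATOR')
    EXECUTE FUNCTION public.deny_routines_in_foo();

SET ROLE app_user;
CREATE TABLE foo.t (id int);        -- table creation is not covered by the trigger
CREATE FUNCTION foo.f() RETURNS int
    LANGUAGE sql AS 'SELECT 1';     -- routine creation is rejected by the trigger
RESET ROLE;
```

This sketch only filters the four CREATE tags listed; it does not cover a routine created in another schema and then moved into `foo` with `ALTER ... SET SCHEMA`, which would need the corresponding ALTER tags added.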