Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION } - Mailing list pgsql-hackers

From Joe Conway
Subject Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION }
Date
Msg-id 53f0b7f1-6290-3b99-5040-ac3541df1475@joeconway.com
Whole thread Raw
In response to Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION }  (Joe Conway <mail@joeconway.com>)
Responses Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION }
List pgsql-hackers
On 8/12/23 09:15, Joe Conway wrote:
> On 8/11/23 22:35, Jeff Davis wrote:
>> 2. We can more accurately serve the user's intent. For instance, the
>> safe search_path of "pg_catalog, pg_temp" is arcane and seems to be
>> there just because we don't have a way to specify that pg_temp be
>> excluded entirely. But perhaps in the future we *do* want to exclude
>> pg_temp entirely. Knowing that the user just wants "SEARCH SYSTEM"
>> allows us some freedom to do that.
> 
> Personally I think having pg_temp in the SYSTEM search path makes sense
> for temp tables, but I find it easy to forget that functions can be
> created by unprivileged users in pg_temp, and therefore having pg_temp
> in the search path for functions is dangerous.

Hmm, I guess I was too hasty -- seems we have some magic related to this 
already.

-- 
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com




pgsql-hackers by date:

Previous
From: Joe Conway
Date:
Subject: Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION }
Next
From: Amit Kapila
Date:
Subject: Re: [PATCH] Reuse Workers and Replication Slots during Logical Replication