Home > mailing lists

Re: pgsql: Fix search_path to a safe value during maintenance operations. - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: pgsql: Fix search_path to a safe value during maintenance operations.
Date	August 1, 2023 17:51:10
Msg-id	CA+TgmoZPHBo25exiG+SJHeSFwfKof_+mc_Fa1SphU8E3ZTt4eQ@mail.gmail.com Whole thread Raw
In response to	Re: pgsql: Fix search_path to a safe value during maintenance operations. (Jeff Davis <pgsql@j-davis.com>)
List	pgsql-hackers

Tree view

On Mon, Jul 31, 2023 at 5:15 PM Jeff Davis <pgsql@j-davis.com> wrote:
> > ERROR: role "rhaas" should not execute arbitrary code provided by
> > role "jconway"
> > HINT: If this should be allowed, use the TRUST command to permit it.
>
> +1, though I'm not sure we need an extensive trust mechanism beyond
> what we already have with the SET ROLE privilege.

FWIW, I think it would be a good idea. It might not be absolutely
mandatory but I think it would be smart.

--
Robert Haas
EDB: http://www.enterprisedb.com

pgsql-hackers by date:

From: Sergey Shinderuk
Date: 01 August 2023, 17:44:13
Subject: Fix error handling in be_tls_open_server()

From: "Euler Taveira"
Date: 01 August 2023, 17:51:45
Subject: Re: Pgoutput not capturing the generated columns

Re: pgsql: Fix search_path to a safe value during maintenance operations. - Mailing list pgsql-hackers

Previous

Next