Home > mailing lists

pgsql: Document security implications of qualified names. - Mailing list pgsql-committers

From	Noah Misch
Subject	pgsql: Document security implications of qualified names.
Date	July 29, 2018 09:14:03
Msg-id	E1fjc9j-0004Ag-Ae@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Document security implications of qualified names.

Commit 5770172cb0c9df9e6ce27c507b449557e5b45124 documented secure schema
usage, and that advice suffices for using unqualified names securely.
Document, in typeconv-func primarily, the additional issues that arise
with qualified names.  Back-patch to 9.3 (all supported versions).

Reviewed by Jonathan S. Katz.

Discussion: https://postgr.es/m/20180721012446.GA1840594@rfd.leadboat.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/e09144e6ce2b3ec120d0405ead2b062183f26c6b

Modified Files
--------------
doc/src/sgml/ddl.sgml                 |  15 +++--
doc/src/sgml/ref/create_function.sgml |  14 +++--
doc/src/sgml/syntax.sgml              |   8 +++
doc/src/sgml/typeconv.sgml            | 103 ++++++++++++++++++++++++++++++++--
doc/src/sgml/xfunc.sgml               |  25 ++++++---
src/backend/utils/adt/ruleutils.c     |  15 ++---
6 files changed, 147 insertions(+), 33 deletions(-)

pgsql-committers by date:

From: Tomas Vondra
Date: 29 July 2018, 07:43:52
Subject: pgsql: Provide separate header file for built-in float types

From: Michael Paquier
Date: 29 July 2018, 19:02:28
Subject: pgsql: Fix two oversights from 9ebe0572 which refactored cluster_rel

pgsql: Document security implications of qualified names. - Mailing list pgsql-committers

Previous

Next