Re: Advisory on possibly insecure security definer functions - Mailing list pgsql-general

From Merlin Moncure
Subject Re: Advisory on possibly insecure security definer functions
Date
Msg-id b42b73150702140731j536c449cn2e575de395910d1@mail.gmail.com
In response to Advisory on possibly insecure security definer functions  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: Advisory on possibly insecure security definer functions  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-general
On 2/13/07, Peter Eisentraut <peter_e@gmx.net> wrote:
> The proper fix for this problem is to insert explicit SET search_path
> commands into each affected function to produce a known safe schema
> search path.  Note that using the default search path, which includes a
> reference to the "$user" schema, is not safe when unqualified
> references are intended to be found in the "public" schema and "$user"
> schemas exist or can be created by other users.  It is also not
> recommended to rely on rigorously schema-qualifying all function and
> operator invocations in function source texts, as such measures are
> likely to induce mistakes and will furthermore make the source code
> harder to read and maintain.

Could you clarify what functions are going to get an explicit 'set
search_path'?  Will this change the behavior of any userland
functions?

merlin
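
Added example, not part of the original message or the advisory: a SECURITY DEFINER function with unqualified references, the same function with its search path pinned, and a catalog query listing SECURITY DEFINER functions that have no pinned search path. The schema, table and function names are hypothetical, and the example assumes a PostgreSQL release that supports per-function settings (ALTER FUNCTION ... SET, stored in pg_proc.proconfig) rather than a SET command written inside the function body as the advisory describes.

```sql
-- Constructed example: all object names below are hypothetical.
CREATE SCHEMA IF NOT EXISTS app;
CREATE TABLE IF NOT EXISTS app.accounts (
    username text PRIMARY KEY,
    pwhash   text NOT NULL
);

-- Before: "accounts" and the "=" operator are unqualified, so they are
-- resolved through the caller's search_path while the body runs with the
-- privileges of the function owner.
CREATE OR REPLACE FUNCTION app.check_password(uname text, hash text)
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
AS $$
BEGIN
    RETURN EXISTS (SELECT 1 FROM accounts a
                   WHERE a.username = uname AND a.pwhash = hash);
END;
$$;

-- After: pin a known safe path for the duration of every call.
-- Only the trusted schema is listed, and pg_temp is placed last so that
-- temporary objects are never searched ahead of it.
ALTER FUNCTION app.check_password(text, text)
    SET search_path = app, pg_temp;

-- Audit: SECURITY DEFINER functions with no function-level search_path.
SELECT n.nspname                                  AS schema_name,
       p.proname                                  AS function_name,
       pg_get_function_identity_arguments(p.oid)  AS arguments,
       pg_get_userbyid(p.proowner)                AS owner
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND NOT EXISTS (
        SELECT 1
        FROM unnest(coalesce(p.proconfig, '{}'::text[])) AS c(setting)
        WHERE split_part(c.setting, '=', 1) = 'search_path')
ORDER BY 1, 2;
```

The audit reads only function-level settings, so a function that sets search_path inside its own body will still be listed and needs a manual look at its source.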
